National Vulnerability Database

This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.

CVE-2006-4343 (debian_linux, openssl, ubuntu_linux)
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
Thu, 28 Sep 2006 14:07:00 -0400

CVE-2006-4785 (moodle)
SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insert_record function, which calls _adodb_column_sql in the adodb layer (lib/adodb/adodb-lib.inc.php), which does not convert the data type to an int.
Thu, 14 Sep 2006 06:07:00 -0400

CVE-2006-6499 (debian_linux, firefox, seamonkey, thunderbird, ubuntu_linux)
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.
Tue, 19 Dec 2006 20:28:00 -0500

CVE-2006-6500 (debian_linux, firefox, seamonkey, thunderbird, ubuntu_linux)
Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap.
Tue, 19 Dec 2006 20:28:00 -0500

CVE-2006-6501 (debian_linux, firefox, seamonkey, thunderbird, ubuntu_linux)
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.
Tue, 19 Dec 2006 20:28:00 -0500

©2018 Web-Studio.co.uk

Search

Engage your users with slide outs

This appeared because you clicked a button

Get In Touch

Complete the form below and a member of our team will be in touch with you as soon as we can.