Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 139359 entries
IDDescriptionPriorityModified date
CVE-2006-7181 ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Morcego CMS 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) fichero parameter to morcegoCMS.php or the (2) path parameter to adodb/adodb.inc.php. NOTE: vector 1 has been disputed by a third party who shows that $fichero can not be controlled by an attacker. High Sep 5, 2008
CVE-2006-7180 ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of sevice (disrupted authentication) and conduct spoofing attacks. Medium Nov 15, 2008
CVE-2006-7179 ieee80211_input.c in MadWifi before 0.9.3 does not properly process Channel Switch Announcement Information Elements (CSA IEs), which allows remote attackers to cause a denial of service (loss of communication) via a Channel Switch Count less than or equal to one, triggering a channel change. High Nov 15, 2008
CVE-2006-7178 MadWifi before 0.9.3 does not properly handle reception of an AUTH frame by an IBSS node, which allows remote attackers to cause a denial of service (system crash) via a certain AUTH frame. High Nov 15, 2008
CVE-2006-7177 MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service (system crash) via unspecified vectors that lead to a kernel panic in the ieee80211_input function, related to packets coming from a 'malicious' WinXP system. High Nov 15, 2008
CVE-2006-7176 The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the localhost.localdomain domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages. Medium Sep 5, 2008
CVE-2006-7175 The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired. High Sep 5, 2008
CVE-2006-7174 PHP remote file inclusion vulnerability in includes/functions.php in the Dimension module of phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: this may be the same issue as CVE-2006-5235. High Sep 5, 2008
CVE-2006-7173 Direct static code injection vulnerability in admin.php in PHP-Stats 0.1.9.1b and earlier allows remote attackers to execute arbitrary PHP code via a crafted option_Unchanged[report_w_day] parameter in a preferenze action, which can be later accessed via option/php-stats-options.php. High Sep 5, 2008
CVE-2006-7172 Multiple SQL injection vulnerabilities in php-stats.recphp.php in PHP-Stats 0.1.9.1b and earlier allow remote attackers to execute arbitrary code via a leading dotted-quad IP address string in the (1) PC-REMOTE-ADDR HTTP header, which is inserted into $_SERVER['HTTP_PC_REMOTE_ADDR'], or (2) ip parameter. High Nov 13, 2008
CVE-2006-7171 product_review.php in Koan Software Mega Mall allows remote attackers to obtain the installation path via a request with an empty value of the x[] parameter. Medium Sep 5, 2008
CVE-2006-7170 Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute arbitrary SQL commands via the (1) t, (2) productId, (3) sk, (4) x, or (5) so parameter to (a) product_review.php; or the (6) orderNo parameter to (b) order-track.php. High Sep 5, 2008
CVE-2006-7169 PHP remote file inclusion vulnerability in includes/header_simple.php in Ultimate PHP Board (UPB) 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _CONFIG[skin_dir] parameter. Medium Sep 5, 2008
CVE-2006-7168 PHP remote file inclusion vulnerability in includes/not_mem.php in the Add Name module for PHP allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Medium Sep 5, 2008
CVE-2006-7167 Unspecified vulnerability in ProRat Server 1.9 Fix2 allows remote attackers to bypass the authentication mechanism for remote login via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. High Sep 5, 2008
CVE-2006-7166 IBM WebSphere Application Server (WAS) 5.1.1.9 and earlier allows remote attackers to obtain JSP source code and other sensitive information via a specific JSP URL. Medium Sep 5, 2008
CVE-2006-7165 IBM WebSphere Application Server (WAS) 5.0 through 5.1.1.0 allows remote attackers to obtain JSP source code and other sensitive information via certain special URIs. Medium Sep 5, 2008
CVE-2006-7164 SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5.0.2.7 on Linux and UNIX does not block certain invalid URIs and does not issue a security challenge, which allows remote attackers to read secure files and obtain sensitive information via certain requests. Medium Sep 5, 2008
CVE-2006-7163 DreameeSoft Password Master 1.0 stores the database in an unencrypted format when the master password is set, which allows attackers with physical access to read the database contents via an unspecified authentication bypass. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Medium Sep 5, 2008
CVE-2006-7162 PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files. Low Sep 5, 2008
CVE-2006-7161 SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass authentication via the (1) k_a class or (2) sifre parameter. High Sep 5, 2008
CVE-2006-7160 The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions. Medium Sep 5, 2008
CVE-2006-7159 Directory traversal vulnerability in include/prune_torrents.php in BTI-Tracker 1.3.2 (aka btitracker) allows remote attackers to delete arbitrary files via .. sequences in the TORRENTSDIR parameter in a prune action. Medium Sep 5, 2008
CVE-2006-7158 Cross-site scripting (XSS) vulnerability in Oracle Application Express (APEX) before 2.2.1, aka Oracle HTML DB, allows remote attackers to inject arbitrary web script or HTML via the NOTIFICATION_MSG parameter. NOTE: it is likely that this issue overlaps one of the identifiers in CVE-2006-5351.This vulnerability is addressed in the following product update: http://www.oracle.com/technology/products/database/application_express/download.html Medium Sep 5, 2008
CVE-2006-7157 Buffer overflow in Google Earth v4.0.2091 (beta) allows remote user-assisted attackers to cause a denial of service (crash) via a KML or KMZ file with a long href element. High Sep 5, 2008
CVE-2006-7156 PHP remote file inclusion vulnerability in addon_keywords.php in Keyword Replacer (keyword_replacer) 1.0 and earlier, a module for miniBB, allows remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter. High Sep 5, 2008
CVE-2006-7155 Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286. High Sep 5, 2008
CVE-2006-7154 Iono allows remote attackers to obtain the full server path via certain requests to (1) templates/iono/admin/denied.tpl.php, (2) templates/iono/admin/index.tpl.php, and (a) other unspecified files in templates/. Medium Sep 5, 2008
CVE-2006-7153 PHP remote file inclusion vulnerability in index.php in MiniBB Forum 2 allows remote attackers to execute arbitrary code via a URL in the pathToFiles parameter. High Sep 5, 2008
CVE-2006-7152 default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by setting certain pseudo cookie values. High Sep 5, 2008
CVE-2006-7151 Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the (1) hwcap, (2) 0, and (3) nosegneg subdirectories. Medium Sep 5, 2008
CVE-2006-7150 Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote attackers to execute arbitrary SQL commands via the mcname parameter to (1) moscomment.php and (2) com_comment.php. High Sep 5, 2008
CVE-2006-7149 Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.x allow remote attackers to inject arbitrary web script or HTML via (1) the query string to (a) index.php, which reflects the string in an error message from mod_login.php; and the (2) mcname parameter to (b) moscomment.php and (c) com_comment.php. Medium Sep 5, 2008
CVE-2006-7148 PHP remote file inclusion vulnerability in includes/bb_usage_stats.php in maluinfo 206.2.38 for Brazilian PHPBB allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. NOTE: this might be the same issues as CVE-2006-4893. High Sep 5, 2008
CVE-2006-7147 PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Import Tools Mod 0.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Medium Sep 5, 2008
CVE-2006-7146 ** DISPUTED ** PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280. NOTE: CVE disputes this issue, since bug.php is not in communityPortals source distributions. High Sep 5, 2008
CVE-2006-7145 edit_user.php in Call Center Software 0.93 and earlier allows remote attackers to obtain sensitive information such as account passwords via a modified user_id parameter. Medium Sep 5, 2008
CVE-2006-7144 SQL injection vulnerability in Call Center Software 0.93 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the user name in the login page. High Sep 5, 2008
CVE-2006-7143 Cross-site scripting (XSS) vulnerability in Call Center Software 0.93 and earlier allows remote attackers to inject arbitrary web script or HTML via the problem description field. Medium Sep 5, 2008
CVE-2006-7142 The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in executable programs for encrypted configuration files, which allows attackers to recover the keys from the configuration files and decrypt the disk drive. Medium Sep 5, 2008
CVE-2006-7141 ** DISPUTED ** Absolute path traversal vulnerability in Oracle Database Server, when utl_file_dir is set to a wildcard value or CREATE ANY DIRECTORY to PUBLIC privileges exist, allows remote authenticated users to read and modify arbitrary files via full filepaths to utl_file functions such as (1) utl_file.put_line and (2) utl_file.get_line, a related issue to CVE-2005-0701. NOTE: this issue is disputed by third parties who state that this is due to an insecure configuration instead of an inherent vulnerability. Medium Sep 5, 2008
CVE-2006-7140 The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339. Medium Sep 5, 2008
CVE-2006-7139 Kmail 1.9.1 on KDE 3.5.2, with Prefer HTML to Plain Text enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations. High Sep 5, 2008
CVE-2006-7138 SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in the WWV_FLOW_UTILITIES package for Oracle APEX/HTMLDB before 2.2 allows remote authenticated users to execute arbitrary SQL by modifying the P_LOV parameter and calculating a matching MD5 checksum for the P_LOV_CHECKSUM parameter. NOTE: it is likely that this issue is subsumed by CVE-2006-5351, but due to lack of details from Oracle, this cannot be proven. High Sep 5, 2008
CVE-2006-7137 Cross-site scripting (XSS) vulnerability in TinyPortal before 0.8.6 allows remote attackers to inject arbitrary web script or HTML via the shoutbox. Medium Sep 5, 2008
CVE-2006-7136 Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator (phpPC) 1.04 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter to (1) poll.php, (2) poll_kommentar.php, and (3) poll_sm.php, different vectors and version than CVE-2005-1755. High Sep 5, 2008
CVE-2006-7135 PHP remote file inclusion vulnerability in lib/functions.inc.php in PHP Poll Creator (phpPC) 1.04 allows remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter, a different vector and version than CVE-2005-1755. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. High Sep 5, 2008
CVE-2006-7134 Unrestricted file upload vulnerability in main_user.php in Upload Tool for PHP 1.0 allows remote attackers to upload and execute arbitrary files with executable extensions such as .php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. High Sep 5, 2008
CVE-2006-7133 Directory traversal vulnerability in upload/bin/download.php in Upload Tool for PHP 1.0 allows remote attackers to read arbitrary files via (1) .. sequences or (2) absolute pathnames in the filename parameter. Medium Sep 5, 2008
CVE-2006-7132 Directory traversal vulnerability in pmd-config.php in PHPMyDesk 1.0beta allows remote attackers to include arbitrary local files via the pmdlang parameter to viewticket.php. High Sep 5, 2008
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online