Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-6500 |
Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap. Published: December 19, 2006; 8:28:00 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2006-6501 |
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function. Published: December 19, 2006; 8:28:00 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2006-6503 |
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI. Published: December 19, 2006; 8:28:00 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2006-6504 |
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption. Published: December 19, 2006; 8:28:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-5779 |
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure. Published: November 07, 2006; 1:07:00 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2006-5173 |
Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access. Published: October 17, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-4997 |
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference). Published: October 10, 2006; 12:06:00 AM -0400 |
V3.1: 7.5 HIGH V2.0: 7.1 HIGH |
CVE-2006-5158 |
The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock. Published: October 05, 2006; 12:04:00 AM -0400 |
V3.1: 7.5 HIGH V2.0: 3.3 LOW |
CVE-2006-3918 |
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file. Published: July 27, 2006; 8:04:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |