CVE-2006-0745 - Local privilege escalation in X.Org server 1.0.0 and later and X11R6.9.0 and X11R7.0. When parsing arguments, the server takes care to check that only root can pass the options -modulepath, which determines the location from which many modules providing server functionality are loaded, and -logfile, which determines the location of the logfile. Normally, these locations cannot be changed by unprivileged users.
6597d054bf1ef5dc391e506a54c9531f46d310afd1d4f729bf2368bf13702df2
Local privilege escalation in X.Org server 1.0.0 and later and X11R6.9.0 and X11R7.0 exploit.
81d5540a611e74f98271be7be6e7aa9d94af55ec197cd0cc41de55e8effc075b
SCO Security Advisory - SCOSA-2006.14 - Multiple X Window System server applications share code that may contain a flaw in the memory allocation for large pixmaps. The affected products include the X.Org X server applications.
48a4a938dcd936474a5b0b2e47c15d935c2921f4a1da2aecfed9eb732aad2714
SCO Security Advisory - SCOSA-2006.13 - Vim is susceptible to an arbitrary command execution vulnerability with ModeLines. This issue is due to insufficient sanitization of user-supplied input.
045df8e15e8974f0ee7a35d6f5a30b98ba9803981c87de92add7de742b49f595
phpWebsite suffers from SQL injection in friend.php and article.php.
e2e32d25d3c3bd1df4306397519702b62cea87e47a37f282960c33eaa6d27288
Contrexx CMS versions greater than or equal to v1.0.8 are vulnerable to XSS.
6f1d27f4a4c5be992cbde88effca2f469cf3d7939aef8bc65a27c742558a891c
eVuln Advisory EV0093 - NMDeluxe XSS & SQL Injection Vulnerabilities
15b77166a203f1fbc7e6a4a499ba0f2ad4752579355c27c34b8e3b9a6ec16641
Cisco Aironet 1300 running IOS 12.3(8)JA with default settings is vulnerable to a DoS condition.
c463c054bea69c0c1223da663e0153cd87c0ae577f2358da9011e8e4f1d4db4e
ASPPortal versions less than or equal to 3.1.1 suffer from multiple remote SQL injection vulnerabilities.
59ac40eb1594f2a0a1f3d4cb8ec00ff7e68085a272db227b8c938dce7e935860
SUSE Security Announcement - SUSE-SA:2006:015 - A critical security vulnerability has been identified in the Adobe Macromedia Flash Player that allows an attacker who successfully exploits these vulnerabilities to take control of the application running the flash player.
f186d9f33539a24b0938e1c3428dc4538701eb0fa381bcf2354d6acba542c975
SUSE Security Announcement - SUSE-SA:2006:016 - A programming flaw in the X.Org X Server allows local attackers to gain root access when the server is setuid root, as is the default in SUSE Linux 10.0. This flaw was spotted by the Coverity project.
3b96230c3677d9dbeaa5a217f3bf600f0d44bb66092ec2f718dc5d5495ab900d
HPSBUX02102 SSRT051078 rev.1 - HP-UX usermod(1M) Local Unauthorized Access - A vulnerability has been identified with certain versions of the HP-UX usermod(1M) command. A certain combination of options can result in recursively changing the ownership of all directories and files under a user's new home directory. This may result in unauthorized access to these directories and files.
ab58f9a1d962c93ef79a0f2b536952da288ef76d0448a8f7ce5c2a1380f7d4e1
Symantec Security Advisory SYM06-005 Veritas Backup Exec for Windows Servers: Media Server BENGINE Service Job log Format String Overflow
3fc9efcaf1ab4361eced5ce676619447b9191aad96ae7b1e9960224f392b4759
HPSBUX02101 SSRT051128 rev.1 - HP-UX VirtualVault running Apache 1.3.X Remote Unauthorized Access - A security vulnerability has been identified in Apache HTTP server versions prior to Apache 1.3.34 that may allow HTTP Request Splitting/Spoofing attacks, resulting in remote unauthorized access.
b5cd03f600764ec33a21ec9deafc1b243987b7348cbcfa257d43c31691bb846d
HPSBUX02074 SSRT051251 rev.2 - Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access.
ab11fea4af0a5ebeb6c93f6fd0c9a425a6c492e61ff02054fe4939bf38272e32
Symantec Security Advisory - SYM06-004 - Veritas Backup Exec: Application Memory Denial of Service Revision History
3cf6cedd2727b8d02b6fdab13aa1d34f6c67ae0bdfbb7bb178f07de3946b1ad1
Wbb 2.3.4 suffers from XSS.
25de8190086d793f53585e473a90e38fa1db9812bfce95004faf3850e45874d1
Mandriva Linux Security Advisory - MDKSA-2006:057 - GNOME Evolution allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
70e2776e6f09781498f373af6aec344ccc99c3d48d7dd47cba41bf1b53bcae93
Mandriva Linux Security Advisory - MDKSA-2006:056 - Versions of Xorg 6.9.0 and greater have a bug in xf86Init.c, which allows non-root users to use the -modulepath, -logfile and -configure options. This allows loading of arbitrary modules which will execute as the root user, as well as a local DoS by overwriting system files.
1b4dc778f135dce7313a0c6677e5973fb5181a57f2293962ea9d6716ce025595
Fedora Legacy Update Advisory - The International Domain Name (IDN) support in the Konqueror browser allowed remote attackers to spoof domain names using punycode encoded domain names. Such domain names are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
ee6f50d49649eced00d8838ca76b59d9bfb34379acdb09d9b6ecab2c83abde88
Fedora Legacy Update Advisory - A flaw was discovered in Xpdf in that an attacker could construct a carefully crafted PDF file that would cause Xpdf to consume all available disk space in /tmp when opened.
a3b430b96ae15332234700a20563004de6038b6f794a7e43f9bf6e1c3118f62c
Fedora Legacy Update Advisory - FLSA:174479 - Several bugs in the way libungif decodes GIF images were discovered. An attacker could create a carefully crafted GIF image file in such a way that it could cause an application linked with libungif to crash or execute arbitrary code when the file is opened by a victim.
f8d99dea5e034cd2dcadcf70311aa4f455025952ec37765bd6424c5d5b3b8292
Fedora Legacy Update Advisory - FLSA:173274 - A bug was found in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3186 to this issue.
88bb1caf6104789578fa6e50c0b3ca36408039f9ce3a4cf29c94987353b0d235
Fedora Legacy Update Advisory - FLSA:157459-4 - Updated kernel packages that fix several security issues are now available.
f4256e55c28ba1912634c8ce7c70d6529e0e086ab7339a38903eba88d2edcac3
Gentoo Linux Security Advisory GLSA 200603-16 - Ulf Harnhammar discovered a buffer overflow in Metamail when processing MIME boundaries. Versions less than 2.7.45.3-r1 are affected.
f29c70fd6cfcbb588c484138110f7ed7aff908196900f804c3cc3aa493371651