LiveActive security incident?Get immediate response
CVE archive

July 2006

Browse CVE records published in July 2006, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 546 matching CVEs · Page 1 of 11.

Medium · CVSS 5.5

CVE-2006-3547: EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application fa...

EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed

Published Jul 13, 2006 · Updated Jan 17, 2025

Unknown · CVSS Not scored

CVE-2006-3416: Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network...

Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network circuits to be disbanded. NOTE: while this item is listed under the "Security fixes" section of the developer changelog, the developer clarified on 20060707 that this is only a self-DoS. Therefore this issue should not be included in CVE

Published Jul 7, 2006 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2006-7215: The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop processor E6000 and E4000 incorrectly set t...

The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop processor E6000 and E4000 incorrectly set the memory page Access (A) bit for a page in certain circumstances involving proximity of the code segment limit to the end of a code page, which has unknown impact and attack vectors on certain operating systems other than OpenBSD, aka AI90.

Published Jul 3, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2006-3830: The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 and ear...

The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to upload files with arbitrary extensions to the bmc/Inc/Lang directory. NOTE: because the uploaded files cannot be accessed through HTTP, this issue is a vulnerability only if there is a likely usage pattern in which the files would be opened or executed by local users, e.g., malware files with names that entice local users to open the files.

Published Jul 25, 2006 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2006-4183: Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c En...

Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compression that produces more data than expected when decoding.

Published Jul 18, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-3841: Cross-site scripting (XSS) vulnerability in WebScarab before 20060718-1904, when used with Microsoft Intern...

Cross-site scripting (XSS) vulnerability in WebScarab before 20060718-1904, when used with Microsoft Internet Explorer 6 SP2 or Konqueror 3.5.3, allows remote attackers to inject arbitrary web script or HTML via the URL, which is not sanitized before being returned in an error message when WebScarab is not able to access the URL.

Published Jul 25, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-3942: The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers...

The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot.

Published Jul 31, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-3906: Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PI...

Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.

Published Jul 27, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-3938: DotClear allows remote attackers to obtain sensitive information via a direct request for (1) edit_cat.php,...

DotClear allows remote attackers to obtain sensitive information via a direct request for (1) edit_cat.php, (2) index.php, (3) edit_link.php in ecrire/tools/blogroll/; (4) syslog/index.php, (5) thememng/index.php, (6) toolsmng/index.php, (7) utf8convert/index.php in /ecrire/tools/; (8) /ecrire/inc/connexion.php and (9) /inc/session.php; (10) class.blog.php, (11) class.blogcomment.php, (12) and class.blogpost.php in /inc/classes/; (13) append.php, (14) class.xblog.php, (15) class.xblogcomment.php, and (16) class.xblogpost.php in /layout/; (17) form.php, (18) list.php, (19) post.php, or (20) template.php in /themes/default/, which reveal the installation path in error messages.

Published Jul 31, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-3901: Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute...

Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the "temporary pathname" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename.

Published Jul 27, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-3935: system/workplace/views/admin/admin-main.jsp in Alkacon OpenCms before 6.2.2 does not restrict access to adm...

system/workplace/views/admin/admin-main.jsp in Alkacon OpenCms before 6.2.2 does not restrict access to administrator functions, which allows remote authenticated users to (1) send broadcast messages to all users (/workplace/broadcast), (2) list all users (/accounts/users), (3) add webusers (/accounts/webusers/new), (4) upload database import and export files (/database/importhttp), (5) upload arbitrary program modules (/modules/modules_import), and (6) read the log file (/workplace/logfileview) by setting the appropriate value for the path parameter in a direct request to admin-main.jsp.

Published Jul 31, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-3944: Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash...

Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via a (1) Forms.ListBox.1 or (2) Forms.ListBox.1 object with the ListWidth property set to (a) 0x7fffffff, which triggers an integer overflow exception, or to (b) 0x7ffffffe, which triggers a null dereference.

Published Jul 31, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-3918: http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Serv...

http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.

Published Jul 28, 2006 · Updated Aug 7, 2024