| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. |
| HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572. |
| The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected. |
| Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. |
| Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors. |
| Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. |
| Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain. |
| Unspecified vulnerability in Role-Based Access Control (RBAC) in HP HP-UX B.11.23 and B.11.31 allows local users to bypass intended access restrictions via unknown vectors. |
| SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. |
| Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. |
| Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors. |
| Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. |
| Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php. |
| The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. |
| Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434. |
| Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. |
| Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors. |
| Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to execute arbitrary code by sending "a call to procedure 5, followed by a crafted payload to procedure 2." |
| Unknown vulnerability in HP-UX trusted systems B.11.00 through B.11.23 allows remote attackers to gain unauthorized access, possibly involving remshd and/or telnet -t. |
| RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139. |
