CVE-2006-1251

Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.

Publication date: Sun, 19 Mar 2006 07:02:00 +0000


Cyber News related to CVE-2006-1251

CVE-2006-1251 - Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron ...
7 years ago
CVE-2020-1207 - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1247, ...
3 years ago
CVE-2020-1253 - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, ...
3 years ago
CVE-2020-1310 - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, ...
3 years ago
CVE-2020-1251 - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, ...
3 years ago
CVE-2020-1247 - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, ...
3 years ago
CVE-2019-1251 - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1245. ...
5 years ago
CVE-2019-1245 - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1251. ...
5 years ago
CVE-2019-1244 - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1245, CVE-2019-1251. ...
5 years ago
CVE-2002-1251 - Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message. ...
16 years ago
CVE-2003-1251 - The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web ...
16 years ago
CVE-2001-1251 - SmallHTTP 1.204 through 3.00 beta 8 allows remote attackers to cause a denial of service via multiple long URL requests. ...
16 years ago
CVE-2009-1251 - Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX ...
13 years ago
CVE-2012-1251 - Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. ...
10 years ago
CVE-2014-1251 - Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file. ...
9 years ago
CVE-2016-1251 - There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare1. ...
7 years ago
CVE-2017-1251 - An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. IBM X-Force ID: 124631. ...
7 years ago
CVE-1999-1251 - Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service. ...
7 years ago
CVE-2015-1251 - Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem in Google Chrome before 43.0.2357.65 allows remote attackers to execute arbitrary code via a crafted document. <a ...
6 years ago
CVE-2008-1251 - Cross-site scripting (XSS) vulnerability in the web interface on the central phone server for the Snom 320 SIP Phone allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
6 years ago
CVE-2010-1251 - Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Record Stack Corruption Vulnerability." ...
6 years ago
CVE-2007-1251 - Format string vulnerability in the new_warning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string ...
6 years ago
CVE-2018-1251 - Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect Unity users to arbitrary web URLs by tricking the ...
5 years ago
CVE-2013-1251 - Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and ...
4 years ago
CVE-2011-1251 - Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory ...
2 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)