CVE-2006-1381

Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe.

Publication date: Fri, 24 Mar 2006 17:02:00 +0000

Cyber News related to CVE-2006-1381

CVE-2008-2033 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1381. Reason: This candidate is a duplicate of CVE-2008-1381. Notes: All CVE users should reference CVE-2008-1381 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

CVE-2006-1381 - Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe. ...
7 years ago

CVE-2020-1381 - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1382. ...
4 years ago

CVE-2020-1382 - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1381. ...
3 years ago

CVE-2010-1381 - The default configuration of SMB File Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, enables support for wide links, which allows remote authenticated users to access arbitrary files via vectors involving symbolic links. NOTE: this might ...
14 years ago

CVE-2009-1381 - The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a ...
1 year ago

CVE-2007-1381 - The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent attackers ...
16 years ago

CVE-2012-1381 - Unspecified vulnerability in the NetEase CloudAlbum (com.netease.cloudalbum) application 2.0.0 and 2.2.0 for Android has unknown impact and attack vectors. ...
12 years ago

CVE-2011-1381 - Unspecified vulnerability in IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to bypass intended access restrictions via unknown vectors. ...
10 years ago

CVE-2014-1381 - Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ...
8 years ago

CVE-1999-1381 - Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote attackers to execute arbitrary commands. ...
8 years ago

CVE-2016-1381 - Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270. ...
8 years ago

CVE-2005-1381 - Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote attackers to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter. ...
7 years ago

CVE-2003-1381 - Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command. ...
7 years ago

CVE-2008-1381 - ZoneMinder before 1.23.3 allows remote authenticated users, and possibly unauthenticated attackers in some installations, to execute arbitrary commands via shell metacharacters in a crafted URL. The following link contains patch information: ...
7 years ago

CVE-2002-1381 - Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value. ...
1 year ago

CVE-2004-1381 - Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other ...
7 years ago

CVE-2015-1381 - Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors. ...
6 years ago

CVE-2017-1381 - IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served. IBM X-Force ID: 127152. ...
5 years ago

CVE-2019-1381 - An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations, aka 'Microsoft Windows Information Disclosure Vulnerability'. ...
5 years ago

CVE-2021-1381 - A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with high privileges or an unauthenticated attacker with physical access to the device to open a debugging console. The vulnerability is due to insufficient command ...
3 years ago

CVE-2023-1381 - The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in ...
1 year ago

CVE-2022-1381 - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution ...
1 year ago

CVE-2013-1381 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none ...
54 years ago Tenable.com

CVE-2024-1381 - The Page Builder Sandwich – Front End WordPress Page Builder Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.1.0. This makes it possible for authenticated attackers, with ...
9 months ago

Latest Cyber News

CVE-2024-48007 - 18 hours ago
CVE-2024-48008 - 18 hours ago
CVE-2024-55889 - 18 hours ago
CVE-2024-11986 - 18 hours ago
CVE-2024-22461 - 18 hours ago
CVE-2024-38488 - 18 hours ago
CVE-2024-9608 - 20 hours ago
CVE-2024-11827 - 20 hours ago
CVE-2024-21576 - 20 hours ago
CVE-2024-21577 - 20 hours ago
CVE-2024-52065 - 21 hours ago
CVE-2024-52066 - 21 hours ago
CVE-2024-52059 - 21 hours ago
CVE-2024-52060 - 21 hours ago
CVE-2024-52061 - 21 hours ago
CVE-2024-52062 - 21 hours ago
CVE-2024-52063 - 21 hours ago
CVE-2024-52064 - 21 hours ago
CVE-2024-52058 - 21 hours ago
CVE-2021-32007 - 21 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-40849 - 3 days ago
CVE-2024-44219 - 3 days ago
CVE-2024-44303 - 3 days ago
CVE-2024-8116 - 2 days ago
CVE-2024-8650 - 2 days ago
CVE-2024-21575 - 1 day ago
CVE-2024-54842 - 1 day ago
CVE-2024-55633 - 1 day ago
CVE-2024-52901 - 1 day ago
CVE-2024-55099 - 1 day ago
CVE-2024-31670 - 1 day ago
CVE-2024-47238 - 1 day ago
CVE-2024-54810 - 1 day ago
CVE-2024-55662 - 1 day ago
CVE-2024-49071 - 1 day ago
CVE-2024-49147 - 1 day ago
CVE-2024-54811 - 1 day ago
CVE-2024-55663 - 1 day ago
CVE-2024-55875 - 1 day ago
CVE-2024-55876 - 1 day ago