CyberSecurityBoard
Sponsor Register Login

CVE-2006-1443

Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within (1) CFStringGetFileSystemRepresentation or (2) getFileSystemRepresentation:maxLength:withPath in NSFileManager, and possibly other similar API functions. This vulnerability is addressed in the following product release: Apple, Mac OS X, 10.4.6 (2006-003)

Publication date: Sat, 13 May 2006 02:02:00 +0000


Cyber News related to CVE-2006-1443

CVE-2006-1443 - Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within (1) ...
8 years ago
CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
56 years ago Tenable.com
CVE-2022-1443 - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-1789. Reason: This candidate is a reservation duplicate of CVE-2024-1789. Notes: All CVE users should reference CVE-2024-1789 instead of this candidate. All ...
2 years ago
CVE-2024-3745 - MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64.sys driver, which leads to triggering vulnerabilities like CVE-2024-1443 and CVE-2024-1460 from a low privileged user. ...
1 year ago
CVE-2005-1443 - Multiple cross-site scripting (XSS) vulnerabilities in index.php for Invision Power Board (IPB) 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the (1) act, (2) Members, (3) calendar, or (4) HID parameters. ...
17 years ago
CVE-2009-1443 - Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack vectors. ...
16 years ago
CVE-2012-1443 - The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command ...
13 years ago
CVE-2013-1443 - The authentication framework (django.contrib.auth) in Django 1.4.x before 1.4.8, 1.5.x before 1.5.4, and 1.6.x before 1.6 beta 4 allows remote attackers to cause a denial of service (CPU consumption) via a long password which is then hashed. ...
12 years ago
CVE-2014-1443 - Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read. ...
11 years ago
CVE-2010-1443 - The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty ...
11 years ago
CVE-1999-1443 - Micah Software Full Armor Network Configurator and Zero Administration allow local users with physical access to bypass the desktop protection by (1) using <CTRL><ALT><DEL> and kill the process using the task manager, (2) booting ...
9 years ago
CVE-2001-1443 - KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote attackers to read communications via a man-in-the-middle attack. ...
8 years ago
CVE-2004-1443 - Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging Program) 3.2.4 and earlier, when used with Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via an e-mail message. ...
8 years ago
CVE-2003-1443 - Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com. ...
8 years ago
CVE-2017-1443 - IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure ...
8 years ago
CVE-2015-1443 - The httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30 allows remote attackers to execute arbitrary code. ...
8 years ago
CVE-2002-1443 - The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the toolbar via an "onkeydown" event handler. ...
8 years ago
CVE-2007-1443 - Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e allow remote attackers to inject arbitrary web script or HTML via the (1) r_username, (2) r_email, (3) ...
7 years ago
CVE-2018-1443 - An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to ...
6 years ago
CVE-2016-1443 - The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted ...
6 years ago
CVE-2011-1443 - Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." ...
5 years ago
CVE-2019-1443 - An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploited this vulnerability could potentially leverage ...
5 years ago
CVE-2020-1443 - A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. ...
4 years ago
CVE-2023-1443 - A vulnerability was found in Filseclab Twister Antivirus 8. It has been declared as problematic. This vulnerability affects the function 0x80112053 in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of ...
2 years ago
CVE-2008-1443 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none ...
56 years ago Tenable.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)