CVE-2006-2085

Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build 4460, and SpeedCommander 10.52 Build 4450 and 11.01 Build 4450, allow user-assisted remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename.

Publication date: Sat, 29 Apr 2006 15:02:00 +0000

Cyber News related to CVE-2006-2085

CVE-2024-47685 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th->res1) Use ...
3 months ago Tenable.com

CVE-2006-2085 - Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build 4460, and SpeedCommander 10.52 Build 4450 and 11.01 Build 4450, allow user-assisted remote attackers to execute arbitrary code via an ACE archive that ...
6 years ago

CVE-2014-2085 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-2084. Reason: This issue was MERGED into CVE-2014-2084 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. ...
55 years ago Tenable.com

CVE-2002-2085 - Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. ...
16 years ago

CVE-2010-2085 - The default configuration of ASP.NET in Microsoft .NET before 1.1 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the __VIEWSTATE parameter. ...
1 year ago

CVE-2012-2085 - The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute. ...
11 years ago

CVE-2005-2085 - Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP FROM field or possibly (2) FTP NLST command. ...
8 years ago

CVE-2016-2085 - The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack. ...
1 year ago

CVE-2004-2085 - Multiple cross-site scripting (XSS) vulnerabilities in Brad Fears phpCodeCabinet 0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) the sid parameter to comments.php, (2) the cid, cf, ...
7 years ago

CVE-2008-2085 - Multiple stack-based buffer overflows in the (1) get_remote_ip_media and (2) get_remote_ipv6_media functions in call.cpp in SIPp 3.1 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a ...
7 years ago

CVE-2009-2085 - The Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5 does not properly handle use of Identity Assertion with CSIv2 Security, which allows remote attackers to bypass intended CSIv2 access ...
7 years ago

CVE-2007-2085 - Cross-site scripting (XSS) vulnerability in oe2edit.cgi in oe2edit CMS allows remote attackers to inject arbitrary web script or HTML via the q parameter. An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI ...
6 years ago

CVE-2013-2085 - Directory traversal vulnerability in apps/files_trashbin/index.php in ownCloud Server before 5.0.6 allows remote authenticated users to access arbitrary files via a .. (dot dot) in the dir parameter. ...
6 years ago

CVE-2019-2085 - In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: ...
5 years ago

CVE-2021-2085 - Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker ...
4 years ago

CVE-2011-2085 - Multiple cross-site request forgery (CSRF) vulnerabilities in Best Practical Solutions RT before 3.8.12 and 4.x before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users. ...
3 years ago

CVE-2023-2085 - The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the templates function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to ...
1 year ago

CVE-2022-2085 - A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a ...
1 year ago

CVE-2017-2085 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com

CVE-2018-2085 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none ...
55 years ago Tenable.com

CVE-2024-2085 - The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' value in several widgets all versions up to, and including, 2.4.6 due to insufficient input sanitization and output ...
9 months ago

CVE-2024-26624 - In the Linux kernel, the following vulnerability has been resolved: ...
11 months ago

CVE-2024-53123 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
55 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
55 years ago Tenable.com

Latest Cyber News

CVE-2025-1193 - 20 hours ago
CVE-2024-11621 - 20 hours ago
CVE-2025-1147 - 20 hours ago
CVE-2025-1148 - 20 hours ago
CVE-2024-8684 - 21 hours ago
CVE-2024-8685 - 21 hours ago
CVE-2025-1175 - 21 hours ago
CVE-2025-25247 - 22 hours ago
CVE-2025-1099 - 23 hours ago
CVE-2025-21684 - 1 day ago
CVE-2025-21685 - 1 day ago
CVE-2024-57949 - 1 day ago
CVE-2024-13440 - 2 days ago
CVE-2025-0169 - 2 days ago
CVE-2024-5183 - 2 days ago
CVE-2024-6909 - 2 days ago
CVE-2024-8377 - 2 days ago
CVE-2025-0316 - 2 days ago
CVE-2025-0517 - 2 days ago
CVE-2023-4927 - 2 days ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2025-1099 - 23 hours ago
CVE-2025-25247 - 22 hours ago
CVE-2024-8684 - 21 hours ago
CVE-2024-8685 - 21 hours ago
CVE-2025-1175 - 21 hours ago
CVE-2024-11621 - 20 hours ago
CVE-2025-1147 - 20 hours ago
CVE-2025-1148 - 20 hours ago
CVE-2025-1193 - 20 hours ago
CVE-2025-1115 - 3 days ago
CVE-2025-1116 - 2 days ago
CVE-2024-13850 - 2 days ago
CVE-2025-1117 - 2 days ago
CVE-2024-54176 - 2 days ago
CVE-2023-4927 - 2 days ago
CVE-2024-5183 - 2 days ago
CVE-2024-6909 - 2 days ago
CVE-2024-8377 - 2 days ago
CVE-2025-0316 - 2 days ago
CVE-2025-0517 - 2 days ago