Warning: Undefined array key "host" in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 485

Warning: Undefined variable $scrape_url_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 525

Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

CVE-2006-2238

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier because it is a distinct issue. This vulnerability is addressed in the following product release: Apple, QuickTime, 7.1 for Mac OS X (latest update)

Publication date: Sat, 13 May 2006 02:02:00 +0000

Cyber News related to CVE-2006-2238

Warning: Undefined array key "host" in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 364

Warning: Undefined variable $domain_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 466

CVE-2006-1983 - Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, ...
8 years ago

CVE-2006-2238 - Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in ...
8 years ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
55 years ago Tenable.com

CVE-2023-2238 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
6 months ago Tenable.com

CVE-2009-2140 - Multiple heap-based buffer overflows in cppcanvas/source/mtfrenderer/emfplus.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allow remote attackers to execute arbitrary code via a crafted EMF+ ...
15 years ago

CVE-2009-2139 - Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allows remote attackers to execute arbitrary code via a crafted EMF file, a ...
15 years ago

CVE-2011-2178 - The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk ...
2 years ago

CVE-2005-2238 - ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to cause a denial of service (port exhaustion and memory consumption) by using all ephemeral ports. ...
17 years ago

CVE-2010-2238 - Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified ...
14 years ago

CVE-2011-2238 - Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL. ...
13 years ago

CVE-2013-2238 - Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the index and substituted ...
11 years ago

CVE-2015-2238 - Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. ...
8 years ago

CVE-2004-2238 - ** DISPUTED ** Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when compiled, became static format ...
8 years ago

CVE-2017-2238 - Cross-site request forgery (CSRF) vulnerability in Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier and Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows remote attackers to hijack the ...
8 years ago

CVE-2002-2238 - Directory traversal vulnerability in the Kunani ODBC FTP Server 1.0.10 allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in a GET request. ...
8 years ago

CVE-2007-2238 - Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the ...
8 years ago

CVE-2014-2238 - SQL injection vulnerability in the manage configuration page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via the filter_config_id parameter. ...
8 years ago

CVE-2008-2238 - Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow. ...
7 years ago

CVE-2009-2238 - Unrestricted file upload vulnerability in includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp in DMXReady Registration Manager 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, ...
6 years ago

CVE-2012-2238 - trytond 2.4: ModelView.button fails to validate authorization ...
5 years ago

CVE-2019-2238 - Lack of check of data type can lead to subsequent loop-expression potentially go negative and the condition will still evaluate to true leading to buffer underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, ...
5 years ago

CVE-2021-2238 - Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (component: Process Operations). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low privileged attacker with ...
4 years ago

CVE-2022-2238 - A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend. This flaw allows an attacker to craft specific strings containing special ...
2 years ago

CVE-2022-47966 - Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, ...
11 months ago

CVE-2020-2238 - Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. ...
1 year ago