CVE-2006-3126

c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number.

Publication date: Wed, 06 Sep 2006 05:04:00 +0000

Cyber News related to CVE-2006-3126

CVE-2006-3126 - c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number. ...
13 years ago

CVE-2015-3126 - Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow ...
7 years ago

CVE-2015-4429 - Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow ...
7 years ago

CVE-2007-3126 - Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237. ...
2 years ago

CVE-2016-3126 - Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. ...
7 years ago

CVE-2017-3126 - An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter. ...
7 years ago

CVE-2005-3126 - The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files. ...
7 years ago

CVE-2008-3126 - Multiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL. ...
9 months ago

CVE-2011-3126 - WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of non-authors via canonical redirects. ...
7 years ago

CVE-2012-3126 - Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent. ...
7 years ago

CVE-2010-3126 - Untrusted search path vulnerability in avast! Free Antivirus version 5.0.594 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc90loc.dll that is located in ...
7 years ago

CVE-2017-8368 - Sublime Text 3 Build 3126 allows user-assisted attackers to cause a denial of service or possibly have unspecified other impact via a crafted .mkv file. One threat model is a victim who obtains an untrusted crafted file from a remote location and ...
6 years ago

CVE-2013-3126 - Microsoft Internet Explorer 9 and 10, when script debugging is enabled, does not properly handle objects in memory during the processing of script, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Internet ...
5 years ago

CVE-2018-3126 - Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xenvironment). Supported versions that are affected are 15.0.2, 16.0.4 and 17.0.2. Difficult to exploit vulnerability allows high ...
5 years ago

CVE-2022-3126 - The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in users upload files on their behalf ...
1 year ago

CVE-2009-3126 - Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and ...
5 years ago

CVE-2020-3126 - vulnerability within the Multimedia Viewer feature of Cisco Webex Meetings could allow an authenticated, remote attacker to bypass security protections. The vulnerability is due to missing security warning dialog boxes when a room host views shared ...
4 years ago

CVE-2022-3090 - Red Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and prior are vulnerable to path traversal. When attempting to open a file using a specific path, the user's ...
1 year ago

CVE-2023-3126 - The B2BKing plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'b2bkingdownloadpricelist' function in versions up to, and including, 4.6.00. This makes it possible for Authenticated ...
1 year ago

CVE-2024-3126 - A command injection vulnerability exists in the 'run_xtts_api_server' function of the parisneo/lollms-webui application, specifically within the 'lollms_xtts.py' script. The vulnerability arises due to the improper neutralization of ...
4 months ago

CVE-2024-30848 - Cross-site scripting (XSS) vulnerability in SilverSky E-mail service version 5.0.3126 allows remote attackers to inject arbitrary web script or HTML via the version parameter. ...
3 months ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
54 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
54 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
9 months ago

CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

Latest Cyber News

CVE-2024-47326 - 3 hours ago
CVE-2024-9553 - 3 hours ago
CVE-2024-47355 - 3 hours ago
CVE-2024-47352 - 3 hours ago
CVE-2024-47349 - 3 hours ago
CVE-2024-47348 - 3 hours ago
CVE-2024-47347 - 3 hours ago
CVE-2024-47346 - 3 hours ago
CVE-2024-47345 - 3 hours ago
CVE-2024-47343 - 3 hours ago
CVE-2024-47342 - 3 hours ago
CVE-2024-47341 - 3 hours ago
CVE-2024-47340 - 3 hours ago
CVE-2024-47339 - 3 hours ago
CVE-2024-47336 - 3 hours ago
CVE-2024-47333 - 3 hours ago
CVE-2024-47332 - 3 hours ago
CVE-2024-47329 - 3 hours ago
CVE-2024-47327 - 3 hours ago
CVE-2024-47368 - 4 hours ago

Cyber Trends (last 7 days)

Okta - 10 months ago
23andMe - 10 months ago
Kimsuky - 10 months ago
LogoFAIL - 9 months ago
Gh0st rat - 10 months ago

Trending Cyber News (last 7 days)

CVE-2024-47368 - 4 hours ago
CVE-2024-47367 - 4 hours ago
CVE-2024-47366 - 4 hours ago
CVE-2024-47364 - 4 hours ago
CVE-2024-47363 - 4 hours ago
CVE-2024-47360 - 4 hours ago
CVE-2024-47357 - 4 hours ago
CVE-2024-47356 - 4 hours ago
CVE-2024-9552 - 4 hours ago
CVE-2024-9551 - 4 hours ago
CVE-2024-47365 - 4 hours ago
CVE-2024-47326 - 3 hours ago
CVE-2024-9553 - 3 hours ago
CVE-2024-47355 - 3 hours ago
CVE-2024-47352 - 3 hours ago
CVE-2024-47349 - 3 hours ago
CVE-2024-47348 - 3 hours ago
CVE-2024-47347 - 3 hours ago
CVE-2024-47346 - 3 hours ago
CVE-2024-47345 - 3 hours ago