var-200510-0403
Vulnerability from variot

Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image. Apple QuickTime fails to properly handle JPEG images. Apple QuickTime has multiple vulnerabilities. For more information, see the information provided by the vendor. These issues affect both Mac OS X and Microsoft Windows releases of the software. Successful exploits will result in the execution of arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely cause denial-of-service conditions. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats.

CVE-2006-1461: An attacker can create a specially crafted Flash movie to trigger a buffer overflow, resulting in arbitrary command execution with user privileges or denial of service.

CVE-2006-1462, CVE-2006-1463: An attacker can create a specially crafted H.264 movie to trigger an integer overflow or buffer overflow, resulting in arbitrary command execution with user privileges or denial of service.

CVE-2006-1464: An attacker can create a specially crafted MPEG4 movie to trigger a buffer overflow, resulting in arbitrary command execution with user privileges or denial of service.

CVE-2006-1465: An attacker can create a specially crafted AVI movie to trigger a buffer overflow, resulting in arbitrary command execution with user privileges or denial of service.

CVE-2006-1453, CVE-2006-1454: QuickDraw has two vulnerabilities when processing malformed PICT files. Malformed font information may cause a stack overflow, and malformed graphics data may cause a heap overflow. An attacker can create specially crafted PICT graphics.

CVE-2006-2238: An attacker can create a specially crafted BMP graphic to trigger a buffer overflow, causing arbitrary commands to be executed with user privileges or denial of service.

TITLE: Mandriva update for ruby

SECUNIA ADVISORY ID: SA17285

VERIFY ADVISORY: http://secunia.com/advisories/17285/

CRITICAL: Moderately critical

IMPACT: Security Bypass

WHERE: From remote

OPERATING SYSTEM: Mandrake Corporate Server 2.x http://secunia.com/product/1222/ Mandrakelinux 10.1 http://secunia.com/product/4198/

DESCRIPTION: Mandriva has issued an update for ruby. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

For more information: SA16904

SOLUTION: Apply updated packages.

Mandrakelinux 10.1:

013e98f0b0a09acd8c48b5d438c4e151 10.1/RPMS/ruby-1.8.1-4.4.101mdk.i586.rpm 479e965b6302bd0e74b8699f0a7b9f46 10.1/RPMS/ruby-devel-1.8.1-4.4.101mdk.i586.rpm b5654a6d4bab0b5a33e3e65fdb8bab52 10.1/RPMS/ruby-doc-1.8.1-4.4.101mdk.i586.rpm 2294bfd6f57ebc2cc6eb353e4a62a4b5 10.1/RPMS/ruby-tk-1.8.1-4.4.101mdk.i586.rpm 5407dfbbb45af31d3ffa53f120773f77 10.1/SRPMS/ruby-1.8.1-4.4.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:

b8347f871a62a176f049cbe010e298ce x86_64/10.1/RPMS/ruby-1.8.1-4.4.101mdk.x86_64.rpm b9ac7ecba0bc317869795146cf3cc5a4 x86_64/10.1/RPMS/ruby-devel-1.8.1-4.4.101mdk.x86_64.rpm 7803195d658cdf63324f8bf54753018e x86_64/10.1/RPMS/ruby-doc-1.8.1-4.4.101mdk.x86_64.rpm 0f6cb61b12453673ef4a7fb99b6069af x86_64/10.1/RPMS/ruby-tk-1.8.1-4.4.101mdk.x86_64.rpm 5407dfbbb45af31d3ffa53f120773f77 x86_64/10.1/SRPMS/ruby-1.8.1-4.4.101mdk.src.rpm

Corporate Server 2.1:

2aa9219b24bbcf8673df418eb373881b corporate/2.1/RPMS/ruby-devel-1.6.7-5.3.C21mdk.i586.rpm e5b4282401bf2c0794d14b52d7c6c319 corporate/2.1/RPMS/ruby-1.6.7-5.3.C21mdk.i586.rpm e72d411868d4ca8d7a05ba2e0baee926 corporate/2.1/RPMS/ruby-doc-1.6.7-5.3.C21mdk.i586.rpm c795d629e28719f7fe1e8a1619805fdc corporate/2.1/RPMS/ruby-tk-1.6.7-5.3.C21mdk.i586.rpm 61457cb16d1b24e1c31a10c687af94ef corporate/2.1/SRPMS/ruby-1.6.7-5.3.C21mdk.src.rpm

Corporate Server 2.1/X86_64:

d477751b1302ec7c5f271fe9597216fa x86_64/corporate/2.1/RPMS/ruby-1.6.7-5.3.C21mdk.x86_64.rpm b7ac888d722dc6fb8c5b9b9207e34ea3 x86_64/corporate/2.1/RPMS/ruby-devel-1.6.7-5.3.C21mdk.x86_64.rpm 27a29077b76158382c514b965fdf614f x86_64/corporate/2.1/RPMS/ruby-doc-1.6.7-5.3.C21mdk.x86_64.rpm 0e4752d11d67acdabc4561c37c41511e x86_64/corporate/2.1/RPMS/ruby-tk-1.6.7-5.3.C21mdk.x86_64.rpm 61457cb16d1b24e1c31a10c687af94ef x86_64/corporate/2.1/SRPMS/ruby-1.6.7-5.3.C21mdk.src.rpm

ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2005:191

OTHER REFERENCES: SA16904: http://secunia.com/advisories/16904/




{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200510-0403",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "red hat",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ruby",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple computer",
        "version": null
      },
      {
        "model": "quicktime",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.1"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.5.2"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.5.1"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.5"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6"
      },
      {
        "model": "quicktime player",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#160012"
      },
      {
        "db": "CERT/CC",
        "id": "VU#289705"
      },
      {
        "db": "BID",
        "id": "17953"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000965"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-060"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1458"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:apple:quicktime",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000965"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mike PriceATmaCA  atmaca@atmacasoft.com http://www.zerodayinitiative.com/ Sowhat  smaillist@gmail.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-060"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-1458",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "CVE-2006-1458",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "VHN-17566",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-1458",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#160012",
            "trust": 0.8,
            "value": "2.57"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#289705",
            "trust": 0.8,
            "value": "17.71"
          },
          {
            "author": "NVD",
            "id": "CVE-2006-1458",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200510-060",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-17566",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#160012"
      },
      {
        "db": "CERT/CC",
        "id": "VU#289705"
      },
      {
        "db": "VULHUB",
        "id": "VHN-17566"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000965"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-060"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1458"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image. Apple QuickTime fails to properly handle JPEG images. Apple Quicktime Has multiple vulnerabilities. For more information, see the information provided by the vendor. These issues affect both Mac OS X and Microsoft Windows releases of the software. \nSuccessful exploits will result in the execution of arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely cause denial-of-service conditions. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats. CVE-2006-1461 An attacker can create a specially crafted Flash movie to trigger a buffer overflow, resulting in arbitrary command execution with user privileges or denial of service. CVE-2006-1462, CVE-2006-1463 An attacker can create a specially crafted H.264 movie to trigger integer overflow or buffer overflow, resulting in arbitrary command execution with user privileges or denial of service. CVE-2006-1464 An attacker can create a specially crafted MPEG4 movie to trigger a buffer overflow, resulting in arbitrary command execution or denial of service with user privileges. CVE-2006-1465 An attacker can create a specially crafted AVI movie to trigger a buffer overflow, resulting in arbitrary command execution or denial of service with user privileges. CVE-2006-1453, CVE-2006-1454 QuickDraw has two vulnerabilities when processing malformed PICT files. Malformed font information may cause stack overflow, and malformed graphics data may cause heap overflow. An attacker can create specially crafted PICT graphics. CVE-2006-2238 An attacker can create a specially crafted BMP graphic to trigger a buffer overflow, causing arbitrary commands to be executed with user privileges or denial of service. 
\n\nTITLE:\nMandriva update for ruby\n\nSECUNIA ADVISORY ID:\nSA17285\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17285/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nMandrake Corporate Server 2.x\nhttp://secunia.com/product/1222/\nMandrakelinux 10.1\nhttp://secunia.com/product/4198/\n\nDESCRIPTION:\nMandriva has issued an update for ruby. This fixes a vulnerability,\nwhich can be exploited by malicious people to bypass certain security\nrestrictions. \n\nFor more information:\nSA16904\n\nSOLUTION:\nApply updated packages. \n\nMandrakelinux 10.1:\n\n013e98f0b0a09acd8c48b5d438c4e151\n10.1/RPMS/ruby-1.8.1-4.4.101mdk.i586.rpm\n479e965b6302bd0e74b8699f0a7b9f46\n10.1/RPMS/ruby-devel-1.8.1-4.4.101mdk.i586.rpm\nb5654a6d4bab0b5a33e3e65fdb8bab52\n10.1/RPMS/ruby-doc-1.8.1-4.4.101mdk.i586.rpm\n2294bfd6f57ebc2cc6eb353e4a62a4b5\n10.1/RPMS/ruby-tk-1.8.1-4.4.101mdk.i586.rpm\n5407dfbbb45af31d3ffa53f120773f77\n10.1/SRPMS/ruby-1.8.1-4.4.101mdk.src.rpm\n\nMandrakelinux 10.1/X86_64:\n\nb8347f871a62a176f049cbe010e298ce\nx86_64/10.1/RPMS/ruby-1.8.1-4.4.101mdk.x86_64.rpm\nb9ac7ecba0bc317869795146cf3cc5a4\nx86_64/10.1/RPMS/ruby-devel-1.8.1-4.4.101mdk.x86_64.rpm\n7803195d658cdf63324f8bf54753018e\nx86_64/10.1/RPMS/ruby-doc-1.8.1-4.4.101mdk.x86_64.rpm\n0f6cb61b12453673ef4a7fb99b6069af\nx86_64/10.1/RPMS/ruby-tk-1.8.1-4.4.101mdk.x86_64.rpm\n5407dfbbb45af31d3ffa53f120773f77\nx86_64/10.1/SRPMS/ruby-1.8.1-4.4.101mdk.src.rpm\n\nCorporate Server 2.1:\n\n2aa9219b24bbcf8673df418eb373881b\ncorporate/2.1/RPMS/ruby-devel-1.6.7-5.3.C21mdk.i586.rpm\ne5b4282401bf2c0794d14b52d7c6c319\ncorporate/2.1/RPMS/ruby-1.6.7-5.3.C21mdk.i586.rpm\ne72d411868d4ca8d7a05ba2e0baee926\ncorporate/2.1/RPMS/ruby-doc-1.6.7-5.3.C21mdk.i586.rpm\nc795d629e28719f7fe1e8a1619805fdc\ncorporate/2.1/RPMS/ruby-tk-1.6.7-5.3.C21mdk.i586.rpm\n61457cb16d1b24e1c31a10c687af94ef\ncorporate/2.1/SRPMS/ruby-1.6.7-5.3.C21mdk.src.rpm\n\nCorporate Server 
2.1/X86_64:\n\nd477751b1302ec7c5f271fe9597216fa\nx86_64/corporate/2.1/RPMS/ruby-1.6.7-5.3.C21mdk.x86_64.rpm\nb7ac888d722dc6fb8c5b9b9207e34ea3\nx86_64/corporate/2.1/RPMS/ruby-devel-1.6.7-5.3.C21mdk.x86_64.rpm\n27a29077b76158382c514b965fdf614f\nx86_64/corporate/2.1/RPMS/ruby-doc-1.6.7-5.3.C21mdk.x86_64.rpm\n0e4752d11d67acdabc4561c37c41511e\nx86_64/corporate/2.1/RPMS/ruby-tk-1.6.7-5.3.C21mdk.x86_64.rpm\n61457cb16d1b24e1c31a10c687af94ef\nx86_64/corporate/2.1/SRPMS/ruby-1.6.7-5.3.C21mdk.src.rpm\n\nORIGINAL ADVISORY:\nhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:191\n\nOTHER REFERENCES:\nSA16904:\nhttp://secunia.com/advisories/16904/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-1458"
      },
      {
        "db": "CERT/CC",
        "id": "VU#160012"
      },
      {
        "db": "CERT/CC",
        "id": "VU#289705"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000965"
      },
      {
        "db": "BID",
        "id": "17953"
      },
      {
        "db": "VULHUB",
        "id": "VHN-17566"
      },
      {
        "db": "PACKETSTORM",
        "id": "40845"
      }
    ],
    "trust": 3.51
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-1458",
        "trust": 2.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#289705",
        "trust": 2.7
      },
      {
        "db": "BID",
        "id": "17953",
        "trust": 2.2
      },
      {
        "db": "SECUNIA",
        "id": "20069",
        "trust": 1.9
      },
      {
        "db": "USCERT",
        "id": "TA06-132B",
        "trust": 1.9
      },
      {
        "db": "SECTRACK",
        "id": "1016067",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "16904",
        "trust": 1.4
      },
      {
        "db": "CERT/CC",
        "id": "VU#160012",
        "trust": 1.4
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-1778",
        "trust": 1.1
      },
      {
        "db": "XF",
        "id": "26391",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000965",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-060",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "17285",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "17094",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "17147",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "17129",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "20077",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "17098",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "19130",
        "trust": 0.6
      },
      {
        "db": "DEBIAN",
        "id": "DSA-860",
        "trust": 0.6
      },
      {
        "db": "DEBIAN",
        "id": "DSA-862",
        "trust": 0.6
      },
      {
        "db": "DEBIAN",
        "id": "DSA-864",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2006-05-11",
        "trust": 0.6
      },
      {
        "db": "SECTRACK",
        "id": "1014948",
        "trust": 0.6
      },
      {
        "db": "SUSE",
        "id": "SUSE-SR:2006:005",
        "trust": 0.6
      },
      {
        "db": "USCERT",
        "id": "TA06-132A",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "17951",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "14909",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "22360",
        "trust": 0.6
      },
      {
        "db": "GENTOO",
        "id": "GLSA-200510-05",
        "trust": 0.6
      },
      {
        "db": "SREASON",
        "id": "59",
        "trust": 0.6
      },
      {
        "db": "CERT/CC",
        "id": "TA06-132A",
        "trust": 0.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-1779",
        "trust": 0.6
      },
      {
        "db": "MANDRIVA",
        "id": "MDKSA-2005:191",
        "trust": 0.6
      },
      {
        "db": "UBUNTU",
        "id": "USN-195-1",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2005:799",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-17566",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "40845",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#160012"
      },
      {
        "db": "CERT/CC",
        "id": "VU#289705"
      },
      {
        "db": "VULHUB",
        "id": "VHN-17566"
      },
      {
        "db": "BID",
        "id": "17953"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000965"
      },
      {
        "db": "PACKETSTORM",
        "id": "40845"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-060"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1458"
      }
    ]
  },
  "id": "VAR-200510-0403",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-17566"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-29T20:43:23.462000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "TA24130",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/TA24130"
      },
      {
        "title": "TA24130",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/TA24130?viewlocale=ja_JP"
      },
      {
        "title": "TA06-132B",
        "trust": 0.8,
        "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta06-132b.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000965"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-189",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-17566"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1458"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/17953"
      },
      {
        "trust": 1.9,
        "url": "http://www.us-cert.gov/cas/techalerts/ta06-132b.html"
      },
      {
        "trust": 1.9,
        "url": "http://www.kb.cert.org/vuls/id/289705"
      },
      {
        "trust": 1.9,
        "url": "http://securitytracker.com/id?1016067"
      },
      {
        "trust": 1.9,
        "url": "http://secunia.com/advisories/20069"
      },
      {
        "trust": 1.4,
        "url": "http://www.ruby-lang.org/en/20051003.html"
      },
      {
        "trust": 1.4,
        "url": "http://jvn.jp/jp/jvn%2362914675/index.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2006/may/msg00002.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/1778"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26391"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/16904/"
      },
      {
        "trust": 0.8,
        "url": "http://www.rubycentral.com/book/taint.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.apple.com/support/downloads/quicktime71.html "
      },
      {
        "trust": 0.8,
        "url": "http://docs.info.apple.com/article.html?artnum=303752 "
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1458"
      },
      {
        "trust": 0.8,
        "url": "http://www.frsirt.com/english/advisories/2006/1778"
      },
      {
        "trust": 0.8,
        "url": "http://xforce.iss.net/xforce/xfdb/26391"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta06-132b/"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-1458"
      },
      {
        "trust": 0.7,
        "url": "http://www.mandriva.com/security/advisories?name=mdksa-2005:191"
      },
      {
        "trust": 0.6,
        "url": "http://www.us-cert.gov/cas/techalerts/ta06-132a.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.kb.cert.org/vuls/id/160012"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/16904"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/22360"
      },
      {
        "trust": 0.6,
        "url": "http://www.ubuntu.com/usn/usn-195-1"
      },
      {
        "trust": 0.6,
        "url": "http://www.securitytracker.com/alerts/2005/sep/1014948.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/17951"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/14909"
      },
      {
        "trust": 0.6,
        "url": "http://www.redhat.com/support/errata/rhsa-2005-799.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-05.xml"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/1779"
      },
      {
        "trust": 0.6,
        "url": "http://www.debian.org/security/2005/dsa-864"
      },
      {
        "trust": 0.6,
        "url": "http://www.debian.org/security/2005/dsa-862"
      },
      {
        "trust": 0.6,
        "url": "http://www.debian.org/security/2005/dsa-860"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/20077"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/19130"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/17285"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/17147"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/17129"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/17098"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/17094"
      },
      {
        "trust": 0.6,
        "url": "http://lists.apple.com/archives/security-announce/2006/may/msg00003.html"
      },
      {
        "trust": 0.6,
        "url": "http://securityreason.com/securityalert/59"
      },
      {
        "trust": 0.3,
        "url": "http://docs.info.apple.com/article.html?artnum=303752"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/quicktime/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/433850"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/433810"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/433828"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4198/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/17285/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1222/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#160012"
      },
      {
        "db": "CERT/CC",
        "id": "VU#289705"
      },
      {
        "db": "VULHUB",
        "id": "VHN-17566"
      },
      {
        "db": "BID",
        "id": "17953"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000965"
      },
      {
        "db": "PACKETSTORM",
        "id": "40845"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-060"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1458"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#160012"
      },
      {
        "db": "CERT/CC",
        "id": "VU#289705"
      },
      {
        "db": "VULHUB",
        "id": "VHN-17566"
      },
      {
        "db": "BID",
        "id": "17953"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000965"
      },
      {
        "db": "PACKETSTORM",
        "id": "40845"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-060"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1458"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-10-05T00:00:00",
        "db": "CERT/CC",
        "id": "VU#160012"
      },
      {
        "date": "2006-05-12T00:00:00",
        "db": "CERT/CC",
        "id": "VU#289705"
      },
      {
        "date": "2006-05-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-17566"
      },
      {
        "date": "2006-05-11T00:00:00",
        "db": "BID",
        "id": "17953"
      },
      {
        "date": "2009-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-000965"
      },
      {
        "date": "2005-10-24T22:35:49",
        "db": "PACKETSTORM",
        "id": "40845"
      },
      {
        "date": "2005-10-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200510-060"
      },
      {
        "date": "2006-05-12T20:06:00",
        "db": "NVD",
        "id": "CVE-2006-1458"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-12-16T00:00:00",
        "db": "CERT/CC",
        "id": "VU#160012"
      },
      {
        "date": "2006-05-17T00:00:00",
        "db": "CERT/CC",
        "id": "VU#289705"
      },
      {
        "date": "2017-07-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-17566"
      },
      {
        "date": "2006-05-15T22:29:00",
        "db": "BID",
        "id": "17953"
      },
      {
        "date": "2009-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-000965"
      },
      {
        "date": "2007-01-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200510-060"
      },
      {
        "date": "2024-11-21T00:08:54.607000",
        "db": "NVD",
        "id": "CVE-2006-1458"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-060"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ruby safe-level security model bypass",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#160012"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "digital error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-060"
      }
    ],
    "trust": 0.6
  }
}



Sightings


Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

