Report an Incident

If you are a CNI organisation and you have encountered or suspect a cyber threat, please complete and return an Incident Reporting Form.

All incident reports provided to the CCIP are treated in the strictest of confidence. Please see our Confidentiality Charter for more details. Read More

New at CCIP

Current e-Bulletin The CCIP e-Bulletin provides a snapshot of security related news
Read More

Centre for Critical Infrastructure Protection

Home | Vulnerabilities | Vulnerability Alert Archives | February 2006

February 2006

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.

Reference	Description	Date
Macromedia	ShockWave Player ActiveX Installer Buffer Overflow	27/02/06
IBM	Malformed LDAP request will abnormally terminate the IBM Tivoli Directory Server	24/02/06
iUser Ecommerce	iUser Ecommerce - Remote Command Execution Vulnerability	24/02/06
Mandriva	Updated metamail packages fix vulnerability	24/02/06
Novell	CASA remote code execution	24/02/06
redhat	metamail security update	23/02/06
Media Gallery	Geeklog Media Gallery Module SQL Injection and File Inclusion	23/02/06
Mamboserver	Potential Vulnerability Reported, Patch Released	23/02/06
Hewlett-Packard	HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access	22/02/06
Secunia	Mac OS X "__MACOSX" ZIP Archive Shell Script Execution	22/02/06
FrSIRT	Nullsoft Winamp Playlist Handling Multiple Buffer Overflow Vulnerabilities	20/02/06
HostAdmin	HostAdmin - Remote Command Execution Vulnerability	20/02/06
Slackware	Update for kdelibs	17/02/06
Avaya	Avaya Products WMF Image Parsing Vulnerability	17/02/06
Gentoo	Sun JDK/JRE: Applet privilege escalation	16/02/06
Cisco	Cisco Security Advisory: TACACS+ Authentication Bypass in Cisco Anomaly Detection and Mitigation Products	16/02/06
Microsoft	Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167)	15/02/06
Microsoft	Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190)	15/02/06
Microsoft	Vulnerability in Web Client Service Could Allow Remote Code Execution (911927)	15/02/06
Microsoft	Vulnerability in TCP/IP Could Allow Denial of Service (913446)	15/02/06
Microsoft	Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)	15/02/06
Microsoft	Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)	15/02/06
Microsoft	Cumulative Security Update for Internet Explorer (910620)	15/02/06
Secunia	Debian update for elog	13/02/06
IBM	Lotus Notes Multiple Vulnerabilities	13/02/06
Microsoft	Internet Explorer Unspecified WMF Image Handling Vulnerability	09/02/06
Sun	Sun Java JRE "reflection" APIs Sandbox Security Bypass	09/02/06
Sun	Java Web Start Sandbox Security Bypass Vulnerability	09/02/06
Suse	Updates for Multiple Packages	07/02/06
Redhat	Update for mozilla	07/02/06
Redhat	Update for firefox	07/02/06
Fedora	Update for firefox	07/02/06
Fedora	Update for mozilla	07/02/06
FrSIRT	Redhat Security Update Fixes GD Multiple Buffer Overflow Vulnerabilities	03/02/06
Secunia	Mozilla Suite XML Injection and Code Execution Vulnerabilities	03/02/06
Secunia	Thunderbird Multiple Vulnerabilities	03/02/06
Mozilla	Firefox Multiple Vulnerabilities	03/02/06
Hewlett-Packard	HP Tru64 UNIX Running DNS BIND Remote Unauthorized Privileged Access	03/02/06
Symantec	Symantec Sygate Management Server: SMS Authentication Servlet	03/02/06
US-CERT	Winamp fails to properly handle playlists with long "file" parameter	02/02/06
US-CERT	Microsoft Internet Explorer does not honor ActiveX kill bit	02/02/06