Alexander Hristov

#10183of 53,638
27.1Total CVSS
Vulnerabilities · 4
Medium
1
High
3
PT-2007-1435
7.1
2007-03-07
Google · Google Earth · CVE-2006-7157
**Name of the Vulnerable Software and Affected Versions** Google Earth version 4.0.2091 (beta) **Description** A buffer overflow issue allows remote user-assisted attackers to cause a denial of service, resulting in a crash, via a KML or KMZ file containing a long `href` element. **Recommendations** For Google Earth version 4.0.2091 (beta), consider avoiding the use of KML or KMZ files with long `href` elements until a fix is available. As a temporary workaround, restrict the handling of such files to minimize the risk of a denial of service.
PT-2006-6136
5.0
2006-10-20
Mcafee · Mcafee Network Agent · CVE-2006-5417
**Name of the Vulnerable Software and Affected Versions** McAfee Network Agent version 1.0.178.0 **Description** The issue allows remote attackers to cause a denial of service, resulting in the agent crashing, potentially due to an invalid string position field value when a long packet is sent. **Recommendations** For McAfee Network Agent version 1.0.178.0, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2006-2657
7.5
2006-04-07
Limbo · Limbo Cms · CVE-2006-1662
Name of the Vulnerable Software and Affected Versions: Limbo CMS versions 1.0.4.1 through 1.0.4.2 Description: The issue allows remote attackers to execute arbitrary PHP commands. This is achieved via the `Itemid` parameter in the "index.php" endpoint. Recommendations: For Limbo CMS versions 1.0.4.1 and 1.0.4.2, consider restricting access to the `index.php` endpoint to minimize the risk of exploitation. Avoid using the `Itemid` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2006-1769
7.5
2006-02-15
Snews · Snews · CVE-2006-0716
**Name of the Vulnerable Software and Affected Versions** sNews version 1.3 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `category` and `id` parameters in the "index.php" file. **Recommendations** For sNews version 1.3, consider restricting access to the vulnerable parameters `category` and `id` in the "index.php" file until a patch is available. As a temporary workaround, avoid using the `category` and `id` parameters in the affected API endpoint until the issue is resolved.