Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-12-31 CVE-2005-4827
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces.
network
low complexity
microsoft canon
7.5
2005-12-31 CVE-2005-4826 Denial Of Service vulnerability in Cisco IOS 12.1(22)EA3
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776.
low complexity
cisco
6.1
2005-12-31 CVE-2005-4825 Denial-Of-Service vulnerability in Cisco Clean Access (CCA)
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332.
5.7
2005-12-31 CVE-2005-4824 Remote Security vulnerability in Siteframe
PHP remote file inclusion vulnerability in web/classes.php in Siteframe before 3.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the LOCAL_PATH parameter, a different vulnerability than CVE-2005-1965.
network
low complexity
glen-campbell
7.5
2005-12-31 CVE-2005-4823 Buffer Overflow vulnerability in HP HTTP Server Remote
Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP Web-enabled Management Software allows remote attackers to execute arbitrary code via unknown vectors.
network
low complexity
hp
critical
10.0
2005-12-31 CVE-2005-4822 SQL Injection vulnerability in Digger Solutions Intranet Open Source Project-Edit.ASP
SQL injection vulnerability in projects/project-edit.asp in Digger Solutions Intranet Open Source (IOS) version 2.7.2 allows remote attackers to execute arbitrary SQL commands via the project_id parameter.
network
low complexity
digger-solutions
7.5
2005-12-31 CVE-2005-4820 Remote Denial Of Service vulnerability in SMC SMC7904WBRA Wireless Router
SMC Wireless Router model SMC7904WBRA allows remote attackers to cause a denial of service (reboot) by flooding the router with traffic.
network
low complexity
smc-networks
5.0
2005-12-31 CVE-2005-4819 Cross-Site Scripting vulnerability in Lotus Domino
Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
network
ibm
6.8
2005-12-31 CVE-2005-4818 SQL Injection vulnerability in Copernicus Europa
Multiple SQL injection vulnerabilities in Copernicus Europa allow remote attackers to execute arbitrary SQL commands via unknown vectors.
network
low complexity
copernicus
7.5
2005-12-31 CVE-2005-4817 Format String vulnerability in TMSNC
Format string vulnerability in ui.c in Textbased MSN Client (TMSNC) before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to be injected into the wprintw function.
network
low complexity
tmsnc
7.5