Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2005-12-31 | CVE-2005-4795 | Local Security vulnerability in SUN Sunos 5.7/5.8 | Unspecified vulnerability in the multi-language environment library (libmle) in Solaris 7 and 8, as shipped with the Japanese locale, allows local users to gain privileges via unknown attack vectors. | local, low complexity, sun, 7.2 |
| 2005-12-31 | CVE-2005-4794 | Remote Denial of Service vulnerability in Multiple Vendor DNS Message Decompression | Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allow remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. | network, low complexity, cisco, 5.0 |
| 2005-12-31 | CVE-2005-4793 | Remote Security vulnerability in Hitachi products | Multiple unspecified vulnerabilities in the web utility function in Hitachi Cm2/Network Node Manager and JP1/Cm2/Network Node Manager before 20050930 allow attackers to execute arbitrary commands, disable services, and "exploit vulnerabilities." | network, low complexity, hitachi, 7.5 |
| 2005-12-31 | CVE-2005-4792 | SQL Injection vulnerability in PHPWebSite Search Module | SQL injection vulnerability in index.php in Appalachian State University phpWebSite 0.10.1 and earlier allows remote attackers to execute arbitrary SQL commands via the module parameter. | network, low complexity, phpwebsite, 7.5 |
| 2005-12-31 | CVE-2005-4791 | Local Privilege Escalation vulnerability in Novell Suse Linux 10.0 | Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee. | local, low complexity, novell, 2.1 |
| 2005-12-31 | CVE-2005-4790 | Local Privilege Escalation vulnerability in Tomboy LD_LIBRARY_PATH Environment Variable | Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. | local, novell suse, 6.9 |
| 2005-12-31 | CVE-2005-4789 | Unspecified vulnerability in Suse Linux 9.2/9.3 | resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level. | local, low complexity, suse, 2.1 |
| 2005-12-31 | CVE-2005-4788 | Unspecified vulnerability in Suse Linux 9.2/9.3 | resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices." | local, low complexity, suse, 2.1 |
| 2005-12-31 | CVE-2005-4786 | Remote Buffer Overflow vulnerability in Hauri Livecall, Virobot and Vrazmain.Dll | Buffer overflow in the archive decompression library (vrAZMain.dll 5.8.22.137), as used in HAURI anti-virus products including (1) ViRobot Expert 4.0, (2) ViRobot Advanced Server, and (3) HAURI LiveCall, allows user-assisted attackers to execute arbitrary code via an ALZ archive containing a file with a long filename. | network, high complexity, hauri, 4.0 |
| 2005-12-31 | CVE-2005-4785 | HTML Injection vulnerability in JL Webworks Quickblogger 1.4 | Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) author ("your name") and (2) "comment" section. | network, jl-webworks, 4.3 |