Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-31 | CVE-2005-2342 | Denial Of Service vulnerability in Blackberry Enterprise Server Router SRP Packet Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets. | 7.8 |
| 2005-12-31 | CVE-2005-2341 | Buffer Errors vulnerability in RIM products Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file. | 7.5 |
| 2005-12-31 | CVE-2005-2340 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field. | 7.5 |
| 2005-12-31 | CVE-2005-2316 | Denial-Of-Service vulnerability in dnrd Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to cause a denial of service (infinite recursion) via a DNS packet that uses message compression in the QNAME and two pointers that point to each other (circular buffer). | 5.0 |
| 2005-12-31 | CVE-2005-2315 | Remote Security vulnerability in dnrd Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to execute arbitrary code via a large number of large DNS packets with the Z and QR flags cleared. | 7.5 |
| 2005-12-31 | CVE-2005-2194 | TCP/IP Remote Denial Of Service vulnerability in Apple Mac OSX Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 allows remote attackers to cause a denial of service (kernel panic) via a crafted TCP packet, possibly related to source routing or loose source routing. | 5.0 |
| 2005-12-31 | CVE-2005-1976 | Unspecified vulnerability in Novell Netmail 3.5.2 Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files. | 1.7 |
| 2005-12-31 | CVE-2005-1939 | Directory Traversal vulnerability in Ipswitch Whatsup Small Business 2004 Directory traversal vulnerability in Ipswitch WhatsUp Small Business 2004 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in a request to the Report service (TCP 8022). | 5.0 |
| 2005-12-31 | CVE-2005-1924 | Remote Command Execution vulnerability in SquirrelMail G/PGP Encryption Plug-in The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php, and (c) keyring_main.php; and (2) the keyserver parameter to the gpg_recv_key function in gpg_key_functions.php, as called by gpg_options.php. | 9.3 |
| 2005-12-31 | CVE-2005-1918 | Path Traversal vulnerability in multiple products The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/". | 2.6 |