Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-23 | CVE-2005-4507 | Multiple vulnerability in Nexus Concepts Dev Hound Multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input fields. network nexus-concepts | 4.3 |
2005-12-23 | CVE-2005-4506 | Multiple vulnerability in Nexus Concepts Dev Hound Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges. | 4.6 |
2005-12-23 | CVE-2005-4505 | Local Privilege Escalation vulnerability in McAfee VirusScan Path Specification Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path. | 7.2 |
2005-12-22 | CVE-2005-4504 | Remote Denial of Service vulnerability in Apple Mac OS X KHTMLParser The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. | 7.8 |
2005-12-22 | CVE-2005-3660 | Local Socket Buffer Memory Exhaustion Denial of Service vulnerability in Linux Kernel Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process to become a zombie, or closing the file descriptor without closing an associated reference. | 4.9 |
2005-12-22 | CVE-2005-3537 | Multiple Unspecified vulnerability in PHPBB A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs. | 5.0 |
2005-12-22 | CVE-2005-3536 | Multiple Unspecified vulnerability in PHPBB SQL injection vulnerability in phpBB 2 before 2.0.18 allows remote attackers to execute arbitrary SQL commands via the topic type. | 7.5 |
2005-12-22 | CVE-2005-4503 | Multiple vulnerability in Net-Square Httprint 202 httprint v202, and possibly other versions before v301, allows remote attackers to cause a denial of service (crash) via a long Server field in an HTTP response. | 5.0 |
2005-12-22 | CVE-2005-4502 | Multiple vulnerability in Net-Square Httprint 202 Cross-site scripting (XSS) vulnerability in httprint v202, and possibly other versions before v301, allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response, which is not sanitized before being displayed to the user. network net-square | 4.3 |
2005-12-22 | CVE-2005-4501 | Unspecified vulnerability in Mediawiki MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer. network mediawiki | 4.3 |