Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-22 | CVE-2005-4477 | Cross-Site Scripting vulnerability in Papaya CMS Cross-site scripting (XSS) vulnerability in papaya CMS 4.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the bab[searchfor] parameter. network papaya | 6.8 |
2005-12-22 | CVE-2005-4476 | Cross-Site Scripting vulnerability in OpenEdit Results.HTML Cross-site scripting (XSS) vulnerability in store/search/results.html in OpenEdit 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) oe-action and (2) page parameters. network openedit-inc | 6.8 |
2005-12-22 | CVE-2005-4475 | Cross-Site Scripting vulnerability in OpenCMS Search Module Cross-site scripting (XSS) vulnerability in OpenCms 6.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. network alkacon | 6.8 |
2005-12-22 | CVE-2005-3631 | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Linux and Enterprise Linux Desktop udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords. | 4.6 |
2005-12-22 | CVE-2005-4474 | Buffer Overflow vulnerability in Rarlab Winrar 3.51 Buffer overflow in the "Add to archive" command in WinRAR 3.51 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by tricking the user into adding a file whose filename contains a non-default code page and non-ANSI characters, as demonstrated using a Chinese filename, possibly due to buffer expansion when using the WideCharToMultiByte API. | 5.1 |
2005-12-22 | CVE-2005-4473 | Multiple vulnerability in Macromedia JRun Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows remote attackers to view web application source code via "a malformed URL." | 5.0 |
2005-12-22 | CVE-2005-4472 | Multiple vulnerability in Macromedia JRun Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request that is not properly handled during conversion to wide characters. | 7.5 |
2005-12-22 | CVE-2005-4471 | Remote Denial of Service vulnerability in Avaya Modular Messaging Message Storage Server 1.1/2.0 POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted packets. | 5.0 |
2005-12-22 | CVE-2005-4470 | Integer Overflow vulnerability in Blender BlenLoader File Processing Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow. | 7.5 |
2005-12-22 | CVE-2005-4469 | Remote Script Code Execution vulnerability in PHPGedView Multiple direct static code injection vulnerabilities in PHPGedView 3.3.7 and earlier allow remote attackers to execute arbitrary PHP code via (1) the username field in login.php, or the (2) user_language, (3) user_email, and (4) user_gedcomid parameters in login_register.php, which is directly inserted into authenticate.php. | 7.5 |