Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-19 | CVE-2005-3683 | Buffer Overflow vulnerability in FreeFTPD User Command Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command. | 7.5 |
| 2005-11-18 | CVE-2005-3682 | Unspecified vulnerability in Wizz Forum Wizz Forum 1.20 Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote attackers to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php. | 7.5 |
| 2005-11-18 | CVE-2005-3681 | Unspecified vulnerability in Xoops Wf-Downloads 2.05 SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads module 2.05 allows remote attackers to execute arbitrary SQL commands via the list parameter. | 7.5 |
| 2005-11-18 | CVE-2005-3680 | Unspecified vulnerability in Xoops 2.2.3 Directory traversal vulnerability in editor_registry.php in XOOPS 2.2.3 allows remote attackers to read or include arbitrary local files via a .. | 6.4 |
| 2005-11-18 | CVE-2005-3679 | Unspecified vulnerability in Activecampaign 1-2-All Broadcast Email 4.07 SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username field in the admin control panel. | 7.5 |
| 2005-11-18 | CVE-2005-3678 | Improper Input Validation vulnerability in Google Talk Google Talk before 1.0.0.76, with email notification enabled, allows remote attackers to cause a denial of service (connection reset) via email with a blank sender. | 5.0 |
| 2005-11-18 | CVE-2005-3677 | Unspecified vulnerability in Realnetworks Realplayer Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. | 7.5 |
| 2005-11-18 | CVE-2005-3676 | Unspecified vulnerability in PHPwebthings 1.4.4 SQL injection vulnerability in download.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the file parameter. | 7.5 |
| 2005-11-18 | CVE-2005-3675 | Unspecified vulnerability in TCP The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwidth consumption) by sending ACK messages for packets that have not yet been received (optimistic ACKs), which can cause the sender to increase its transmission rate until it fills available bandwidth. | 7.8 |
| 2005-11-18 | CVE-2005-3353 | Denial Of Service vulnerability in PHP Group Exif Module Infinite Recursion The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image. | 5.0 |