Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-11-16 | CVE-2005-3568 | Denial of Service vulnerability in IBM DB2 Content Manager 8.2 db2fmp process in IBM DB2 Content Manager before 8.2 Fix Pack 10 allows local users to cause a denial of service (CPU consumption) by importing a corrupted Microsoft Excel file, aka "CORRUPTED EXEL FILE WILL CAUSE TEXT SEARCH PROCESS LOOPING." | 2.1 |
2005-11-16 | CVE-2005-3567 | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Directory Server 5.2.0/6.0 slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 binds using SASL EXTERNAL, which allows attackers to bypass authentication and modify and delete directory data via unknown attack vectors. | 5.8 |
2005-11-16 | CVE-2005-3566 | Local Buffer Overflow vulnerability in VERITAS Cluster Server for UNIX Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew. | 4.3 |
2005-11-16 | CVE-2005-3565 | Unauthorized Access vulnerability in HP Hp-Ux 11.00/11.11/11.23 Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors. | 7.5 |
2005-11-16 | CVE-2005-3564 | Local Privilege Escalation vulnerability in HP-UX ENVD envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors. | 7.2 |
2005-11-16 | CVE-2005-3560 | Unspecified vulnerability in Zonelabs products Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags. | 7.5 |
2005-11-16 | CVE-2005-3559 | Unspecified vulnerability in Digium Asterisk Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. | 5.0 |
2005-11-16 | CVE-2005-3558 | Remote File Include vulnerability in Oste 1.0 PHP file inclusion vulnerability in index.php in OSTE 1.0 allows remote attackers to execute arbitrary code via the (1) page and (2) site parameters. | 7.5 |
2005-11-16 | CVE-2005-3557 | Input Validation vulnerability in PHPList Directory traversal vulnerability in admin/defaults.php in PHPlist 2.10.1 and earlier allows remote attackers to access arbitrary files via a .. | 5.0 |
2005-11-16 | CVE-2005-3556 | Input Validation vulnerability in PHPList Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) listname parameter in (a) admin/editlist.php, (2) title parameter in (b) admin/spageedit.php, (3) title field in (c) admin/template.php, (4) filter, (5) delete, and (6) start parameters in (d) admin/eventlog.php, (7) id parameter in (e) admin/configure.php, (8) find parameter in (f) admin/users.php, (9) start parameter in (g) admin/admin.php, and (10) action parameter in (h) admin/fckphplist.php. network tincan | 4.3 |