Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-11-05 | CVE-2005-3501 | Resource Management Errors vulnerability in Clamav The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length. | 4.3 |
2005-11-05 | CVE-2005-3500 | Denial Of Service vulnerability in Clam Anti-Virus ClamAV TNEF File Handling The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block. | 5.0 |
2005-11-05 | CVE-2005-3303 | Buffer Overflow vulnerability in Clam Anti-Virus ClamAV FSG File Handling The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file. | 7.5 |
2005-11-05 | CVE-2005-2756 | Remote Buffer Overflow vulnerability in Apple QuickTime Compressed PICT Data Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion. | 5.1 |
2005-11-05 | CVE-2005-2755 | Denial of Service vulnerability in Apple QuickTime Null Pointer Dereference Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service (crash) via a crafted file with a missing movie attribute, which leads to a null dereference. | 2.6 |
2005-11-05 | CVE-2005-2754 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes." | 5.1 |
2005-11-05 | CVE-2005-2753 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string. | 5.1 |
2005-11-05 | CVE-2005-2628 | Unspecified vulnerability in Macromedia Flash Player Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer. | 5.1 |
2005-11-04 | CVE-2005-3499 | Unspecified vulnerability in Frisk Software F-Prot Antivirus Frisk F-Prot Antivirus allows remote attackers to bypass protection via a ZIP file with a version header greater than 15, which prevents F-Prot from decompressing and analyzing the file. | 7.5 |
2005-11-04 | CVE-2005-3498 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack V6.0.2.5, when session trace is enabled, records a full URL including the queryString in the trace logs when an application encodes a URL, which could allow attackers to obtain sensitive information. | 4.3 |