Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-10-27 | CVE-2005-3324 | SQL Injection vulnerability in Appindex Mwchat 6.8 SQL injection vulnerability in chat.php in MWChat 6.8 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
| 2005-10-27 | CVE-2005-3323 | docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality. | 7.5 |
| 2005-10-27 | CVE-2005-3322 | Denial of Service vulnerability in SUSE Linux Squid Proxy SSL Handling Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL). | 5.0 |
| 2005-10-27 | CVE-2005-3321 | chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions. | 4.6 |
| 2005-10-27 | CVE-2005-3320 | Cross-Site Scripting vulnerability in SiteTurn Domain Manager Pro Admin Panel Cross-site scripting (XSS) vulnerability in SiteTurn Domain Manager Pro allows remote attackers to inject arbitrary web script or HTML via the err parameter in the panel script. | 2.6 |
| 2005-10-27 | CVE-2005-3319 | Local Denial of Service vulnerability in PHP Apache 2 The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost. | 2.1 |
| 2005-10-27 | CVE-2005-3318 | Stack Buffer Overflow vulnerability in Jed Wing CHM Lib Buffer overflow in the _chm_decompress_block function in CHM lib (chmlib) before 0.37, as used in products such as KchmViewer, allows attackers to execute arbitrary code, a different vulnerability than CVE-2005-2930. | 5.1 |
| 2005-10-27 | CVE-2005-3317 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Zipgenius Standard5.5.1.468/Suite5.5.1.468 Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041, and other versions before 6.0.2.1050, allow remote attackers to execute arbitrary code via (1) a ZIP archive that contains a file with a long filename, which is not properly handled by (a) zipgenius.exe, (b) zg.exe, (c) zgtips.dll, and (d) contmenu.dll; (2) a long original name in a (a) UUE, (b) XXE, or (c) MIM file, which is not properly handled by zipgenius.exe; or (3) an ACE archive with a file with a long filename, which is not properly handled by unacev2.dll. | 7.5 |
| 2005-10-27 | CVE-2005-3316 | Unspecified vulnerability in Symantec Discovery and ON Command Discovery The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password. | 7.5 |
| 2005-10-27 | CVE-2005-3267 | Numeric Errors vulnerability in Skype Technologies Skype Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter value, which leads to a resultant heap-based buffer overflow. | 10.0 |