Vulnerabilities

| Date | CVE | Vulnerability title | Description | Access | Complexity | Tags | Risk |
|---|---|---|---|---|---|---|---|
| 2005-10-26 | CVE-2005-3305 | SQL Injection vulnerability in Nuked-Klan 1.7 | Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote attackers to execute arbitrary SQL commands via the (1) forum_id or (2) thread_id parameter in the Forum file, (3) the link_id in the Links file, (4) the artid parameter in the Sections file, and (5) the dl_id parameter in the Download file. | network | low | nuked-klan | 7.5 |
| 2005-10-26 | CVE-2005-3304 | Modules SQL Injection vulnerability in Francisco Burzi PHP-Nuke 7.8 | Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module. | network | low | francisco-burzi | 7.5 |
| 2005-10-26 | CVE-2005-2746 | Unspecified vulnerability in Apple Mac OS X and Mac OS X Server | Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages. | network | low | apple | 5.0 |
| 2005-10-26 | CVE-2005-2745 | Unspecified vulnerability in Apple Mac OS X and Mac OS X Server | Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for SMTP authentication, can include uninitialized memory in a message, which might allow remote attackers to obtain sensitive information. | network | low | apple | 5.0 |
| 2005-10-26 | CVE-2005-2743 | Unspecified vulnerability in Apple Mac OS X, Mac OS X Server and QuickTime | The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code. | network | low | apple | 7.5 |
| 2005-10-26 | CVE-2005-2742 | Unspecified vulnerability in Apple Mac OS X and Mac OS X Server | SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wake this computer from sleep or screen saver" setting. | local | low | apple | 4.6 |
| 2005-10-26 | CVE-2005-2741 | Permissions, Privileges, and Access Controls vulnerability in multiple products | Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators. | local | low | apple perry-kiehtreiber CWE-264 | 7.2 |
| 2005-10-26 | CVE-2005-2524 | Unspecified vulnerability in Apple Mac OS X, Mac OS X Server and Safari | Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to bypass domain restrictions via crafted web archives that cause Safari to render them as if they came from a different site. | network | low | apple | 5.0 |
| 2005-10-25 | CVE-2005-2748 | Unspecified vulnerability in Apple Mac OS X and Mac OS X Server | The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application. | local | low | apple | 2.1 |
| 2005-10-25 | CVE-2005-2747 | Multiple vulnerability in Apple Mac OS X Security Update 2005-008 | Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by applications such as WebCore and Safari, allows remote attackers to execute arbitrary code via a crafted GIF file. | network | low | apple | 7.5 |