Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-10-20 | CVE-2005-2759 | Local Privilege Escalation vulnerability in Symantec Norton Antivirus 9.0.3 ** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. | 7.2 |
2005-10-20 | CVE-2005-3263 | Remote vulnerability in RARLAB WinRAR Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name. | 7.5 |
2005-10-20 | CVE-2005-3262 | Remote vulnerability in RARLAB WinRAR Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename. | 7.5 |
2005-10-20 | CVE-2005-3261 | Information Disclosure vulnerability in Versatilebulletinboard 1.0.0.Rc2 getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the versions of all installed scripts, which allows remote attackers to obtain sensitive information via a direct request. | 5.0 |
2005-10-20 | CVE-2005-3260 | Cross-Site Scripting vulnerability in Versatilebulletinboard 1.0.0.Rc2 Multiple cross-site scripting (XSS) vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter in dereferrer.php and (2) the file parameter in imagewin.php. network versatilebulletinboard | 4.3 |
2005-10-20 | CVE-2005-3259 | SQL Injection vulnerability in Versatilebulletinboard 1.0.0.Rc2 Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "search this thread" feature, (3) "search for posts" feature, (4) "forgot password" feature, (5) list parameter in userlistpre.php, and the (6) select, (7) categ, and (8) to parameters in index.php. | 7.5 |
2005-10-20 | CVE-2005-3258 | Unspecified vulnerability in Squid The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. | 5.0 |
2005-10-20 | CVE-2005-3182 | Remote Buffer Overflow vulnerability in GFI Mailsecurity 8.1 Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. | 7.5 |
2005-10-20 | CVE-2005-2971 | Remote Buffer Overflow vulnerability in KDE KOffice KWord RTF Import Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file. | 7.5 |
2005-10-20 | CVE-2005-2469 | Remote Buffer Overflow vulnerability in Novell Netmail 3.5.2 Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C and possibly earlier versions allows local users to execute arbitrary code via a long user name in the USER command. | 4.6 |