Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-10-14 | CVE-2005-3199 | SQL Injection vulnerability in AspReady FAQ Manager Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters. | 7.5 |
| 2005-10-14 | CVE-2005-3198 | Local vulnerability in Webroot Software Desktop Firewall Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands. | 4.6 |
| 2005-10-14 | CVE-2005-3197 | Local vulnerability in Webroot Software Desktop Firewall 1.3.0.43 Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list. | 7.2 |
| 2005-10-14 | CVE-2005-3196 | Unspecified vulnerability in Planet Technology Corp Fgsw2402Rs 1.2Firmware Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges. | 4.6 |
| 2005-10-14 | CVE-2005-3194 | Archive Formats File Name Buffer Overflow vulnerability in Estsoft Alzip 5.52English/6.12Korean/6.1International Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive. | 5.1 |
| 2005-10-14 | CVE-2005-2967 | Remote CDDB Information Format String vulnerability in Xine-Lib Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD. | 7.5 |
| 2005-10-14 | CVE-2005-2661 | Remote Format String vulnerability in Up-Imapproxy 1.2.3/1.2.4 Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line. | 7.5 |
| 2005-10-13 | CVE-2005-3190 | Unspecified vulnerability in Broadcom Igateway 3.0/4.0 Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests. | 7.5 |
| 2005-10-13 | CVE-2005-3185 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username. | 7.5 |
| 2005-10-13 | CVE-2005-2992 | Unspecified vulnerability in ARC arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945. | 2.1 |