Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-23 | CVE-2005-2677 | Information Disclosure vulnerability in ACNews ACNews stores the database in a file under the web document root with a db.inc extension and insufficient access control, which allows remote attackers to obtain sensitive information such as the full pathname of the server. | 5.0 |
2005-08-23 | CVE-2005-2676 | Unspecified vulnerability in Coppermine Photo Gallery Cross-site scripting (XSS) vulnerability in displayimage.php in Coppermine Photo Gallery before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via EXIF data. network coppermine | 4.3 |
2005-08-23 | CVE-2005-2673 | SQL Injection vulnerability in Woltlab Burning Board 2.2.2/2.2.3 SQL injection vulnerability in modcp.php in WoltLab Burning Board 2.2.2 and 2.3.3 allows remote authenticated attackers to execute arbitrary SQL commands via the (1) x or (2) y parameters. | 7.5 |
2005-08-23 | CVE-2005-2672 | Unspecified vulnerability in LM Sensors LM Sensors pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file. | 2.1 |
2005-08-23 | CVE-2005-2670 | Directory Traversal vulnerability in HAURI Anti-Virus Compressed Files Directory traversal vulnerability in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall allows remote attackers to overwrite arbitrary files via ".." sequences in filenames contained in (1) ACE, (2) ARJ, (3) CAB, (4) LZH, (5) RAR, (6) TAR and (7) ZIP files. | 5.0 |
2005-08-23 | CVE-2005-2669 | Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets. | 10.0 |
2005-08-23 | CVE-2005-2668 | Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2005-08-23 | CVE-2005-2667 | Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows attackers to cause a denial of service via unknown vectors, aka the "CAM TCP port vulnerability." | 5.0 |
2005-08-23 | CVE-2005-2665 | Remote Buffer Overflow vulnerability in Elm Expires Header Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, and possibly other versions, allows remote attackers to execute arbitrary code via an e-mail message with a long Expires header. | 7.5 |
2005-08-23 | CVE-2005-2664 | Unspecified vulnerability in Whisper32 1.16 Whisper 32 1.16, and possibly earlier versions, stores passwords in plaintext in memory, which allows local users to obtain the password using a debugger or another mechanism to read process memory. | 2.1 |