Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK

2005-08-16 CVE-2005-2561 SQL Injection vulnerability in Myfaq 1.0
Multiple SQL injection vulnerabilities in MYFAQ 1.0 allow remote attackers to execute arbitrary SQL commands via the Theme parameter to (1) affichagefaq.php3, (2) choixsoustheme.php3, (3) consultation.php3, (4) insfaq.php3, (5) inssoustheme.php3, (6) instheme.php3, (7) saisiefaqtotale.php3, (8) saisiesoustheme.php3, or (9) voirfaq.php3, the SousTheme parameter to (10) affichagefaq.php3, (11) consultation.php3, (12) insfaq.php3, (13) inssoustheme.php3, (14) saisiefaq.php3, (15) saisiefaqtotale.php3, or (16) voirfaq.php3, the Faq parameter to (17) saisiefaq.php3, (18) voirfaq.php3, or (19) inssolution.php3, or (20) question parameter to affichagefaq.php3.
network | low complexity | myfaq | 7.5

2005-08-16 CVE-2005-2560 Cross-Site Scripting vulnerability in AderSoftware CFBB Index.CFM
Cross-site scripting (XSS) vulnerability in index.cfm in CFBB 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
network | ader-software | 4.3

2005-08-16 CVE-2005-2558 Buffer Overflow vulnerability in MySQL User-Defined Function
Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
local | low complexity | mysql oracle | 4.6

2005-08-16 CVE-2005-2470 Remote Buffer Overflow vulnerability in Adobe Acrobat and Adobe Reader
Buffer overflow in a "core application plug-in" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
network | low complexity | adobe | 7.5

2005-08-16 CVE-2005-2358 Directory Traversal And Information Disclosure vulnerability in EMC Navisphere Manager
EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to list arbitrary directories via an HTTP request for a directory that ends in a "." (trailing dot).
network | low complexity | emc | 5.0

2005-08-16 CVE-2005-2357 Directory Traversal And Information Disclosure vulnerability in EMC Navisphere Manager
Directory traversal vulnerability in EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to read arbitrary files via a ..
network | low complexity | emc | 5.0

2005-08-16 CVE-2005-2103 Incorrect Calculation of Buffer Size vulnerability in Gaim Project Gaim 0.75
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
network | low complexity | gaim-project CWE-131 | critical | 9.8

2005-08-16 CVE-2005-2102 Multiple vulnerability in Gaim AIM/ICQ Protocols
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
network | low complexity | rob-flynn | 5.0

2005-08-16 CVE-2005-2097 Remote Denial of Service vulnerability in XPDF Loca Table Verification
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.
local | low complexity | kde xpdf | 2.1

2005-08-12 CVE-2005-2554 Local Information Disclosure vulnerability in Network Associates Epolicy Orchestrator Agent 3.5.0(Patch3)
The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory.
local | low complexity | network-associates | 2.1