Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-04 | CVE-2005-2455 | Remote Information Disclosure vulnerability in Greasemonkey 0.3.3 Greasemonkey before 0.3.5 allows remote web servers to (1) read arbitrary files via a GET request to a file:// URL in the GM_xmlhttpRequest API function, (2) list installed scripts using GM_scripts, or obtain sensitive information via (3) GM_setValue and GM_getValue. | 5.0 |
2005-08-04 | CVE-2005-2453 | Cross-Site Scripting vulnerability in NetworkActiv Web Server Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string. network networkactiv | 4.3 |
2005-08-03 | CVE-2005-2452 | Denial of Service vulnerability in Libtiff 3.5.5/3.5.7/3.6.1 libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804. | 5.0 |
2005-08-03 | CVE-2005-2451 | Unspecified vulnerability in Cisco IOS and IOS XR Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. | 2.1 |
2005-08-03 | CVE-2005-2450 | Integer Overflow vulnerability in Clam Anti-Virus Clamav 0.85/0.85.1/0.86 Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message. | 7.5 |
2005-08-03 | CVE-2005-2449 | Insecure Temporary File Creation vulnerability in Gentoo Sandbox Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp. | 1.2 |
2005-08-03 | CVE-2005-2448 | Memory Alignment Remote Denial of Service vulnerability in EKG Libgadu Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems. | 5.0 |
2005-08-03 | CVE-2005-2445 | SQL Injection vulnerability in Early Impact Product Cart 2.6 SQL injection vulnerability in viewPrd.asp in Product Cart 2.6 allows remote attackers to execute arbitrary SQL commands via the idcategory parameter. | 7.5 |
2005-08-03 | CVE-2005-2444 | Information Disclosure vulnerability in Cerulean Studios Trillian PRO 3.1Build121 Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the password in plaintext in a world readable file and does not delete the file after login, which allows local users to obtain sensitive information. | 2.1 |
2005-08-03 | CVE-2005-2443 | Information Disclosure vulnerability in Kshout Kshout 2.x and 3.x stores settings.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords. | 5.0 |