Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-07-18 | CVE-2005-2286 | Unspecified vulnerability in ESI products Webeoc WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct request to a resource. | 10.0 |
| 2005-07-18 | CVE-2005-2285 | Unspecified vulnerability in ESI products Webeoc WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration. | 5.0 |
| 2005-07-18 | CVE-2005-2284 | Unspecified vulnerability in ESI products Webeoc Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow remote attackers to modify SQL statements via unknown attack vectors. | 7.5 |
| 2005-07-18 | CVE-2005-2283 | Unspecified vulnerability in ESI products Webeoc WebEOC before 6.0.2 does not properly restrict the size of an uploaded file, which allows remote authenticated users to cause a denial of service (system and database resource consumption) via a large file. | 2.1 |
| 2005-07-18 | CVE-2005-2282 | Unspecified vulnerability in ESI products Webeoc 6.0.2 Multiple cross-site scripting (XSS) vulnerabilities in WebEOC before 6.0.2 allow remote attackers to inject arbitrary web script and HTML via unknown vectors. network esi-products | 4.3 |
| 2005-07-18 | CVE-2005-2281 | Inadequate Encryption Strength vulnerability in Juvare Webeoc WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which makes it easier for attackers to crack passwords. | 7.5 |
| 2005-07-18 | CVE-2005-2280 | Unspecified vulnerability in Cisco Security Agent 4.5 Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet. | 5.0 |
| 2005-07-18 | CVE-2005-2279 | Remote Denial Of Service vulnerability in Cisco ONS 15216 OADM Management Plane Telnet Service Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware 2.2.2 and earlier allows remote attackers to cause a denial of service (management plane session loss) via crafted telnet data. | 5.0 |
| 2005-07-18 | CVE-2005-2278 | Unspecified vulnerability in Mailenable Professional 1.54 Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name. | 7.2 |
| 2005-07-18 | CVE-2005-2195 | Denial-Of-Service vulnerability in Darwin Streaming Server Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502. | 5.0 |