Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-12 | CVE-2005-1219 | Buffer Overflow vulnerability in Microsoft Windows Color Management Module ICC Profile Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags. | 7.5 |
2005-07-12 | CVE-2005-0564 | Unspecified vulnerability in Microsoft Word 2000/2002 Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font information. | 7.5 |
2005-07-11 | CVE-2005-2214 | Unspecified vulnerability in Debian Apt-Setup apt-setup in Debian GNU/Linux installs the apt.conf file with insecure permissions, which allows local users to obtain sensitive information such as passwords. | 4.6 |
2005-07-11 | CVE-2005-2213 | Remote Security vulnerability in MMS Ripper Buffer overflow in the mms_interp_header function in mms.c in MMS Ripper before 0.6.4 might allow remote attackers to execute arbitrary code via a file with more than 20 streams. | 7.5 |
2005-07-11 | CVE-2005-2212 | Remote Security vulnerability in Sukria Backup Manager 0.5.8A Backup Manager 0.5.8a creates an archive repository with world readable and writable permissions, which allows attackers to modify or read the repository. | 6.4 |
2005-07-11 | CVE-2005-2211 | Local Security vulnerability in Sukria Backup Manager 0.5.8A Backup Manager 0.5.8a creates temporary files insecurely, which allows local users to conduct unauthorized file operations when a user is burning a CDR. | 4.6 |
2005-07-11 | CVE-2005-2209 | Cleartext Storage of Sensitive Information vulnerability in Capturix Scanshare 1.06 Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext in capturixss_cfg.ini, which is readable by local users. | 5.5 |
2005-07-11 | CVE-2005-2208 | Denial-Of-Service vulnerability in Privashare 1.1B PrivaShare 1.1b allows remote attackers to cause a denial of service (crash) via a malformed message. | 5.0 |
2005-07-11 | CVE-2005-2207 | Cross-Site Scripting vulnerability in CartWIZ Cross-site scripting (XSS) vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter. network elemental-software | 4.3 |
2005-07-11 | CVE-2005-2206 | SQL-Injection vulnerability in CartWIZ Multiple SQL injection vulnerabilities in CartWIZ allow remote attackers to modify SQL statements via the (1) idProduct parameter to tellAFriend.asp, (2) sortType parameter to viewSupportTickets.asp, or the id parameter to (3) updateCreditCards.asp or (4) deleteCreditCards.asp. | 7.5 |