Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-29 | CVE-2005-2073 | Local Security vulnerability in DB2 Universal Database Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents. | 2.1 |
| 2005-06-29 | CVE-2005-2072 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris and Sunos The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT. | 7.2 |
| 2005-06-29 | CVE-2005-2071 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris 10.0 traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . | 4.6 |
| 2005-06-29 | CVE-2005-2070 | Remote Denial Of Service Weakness in Sendmail Milter The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading. | 5.0 |
| 2005-06-29 | CVE-2005-2067 | SQL Injection vulnerability in ASPNuke Article.ASP SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter. | 7.5 |
| 2005-06-29 | CVE-2005-2066 | SQL Injection vulnerability in Asp-Nuke 0.80 SQL injection vulnerability in comment_post.asp in ASP Nuke 0.80 allows remote attackers to execute arbitrary SQL statements via the TaskID parameter. | 7.5 |
| 2005-06-29 | CVE-2005-2065 | Unspecified vulnerability in Asp-Nuke 0.80 HTTP response splitting vulnerability in language_select.asp in ASP Nuke 0.80 allows remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the LangCode parameter. | 5.0 |
| 2005-06-29 | CVE-2005-2064 | Cross-Site Scripting vulnerability in Asp-Nuke 0.80 Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName, (3) LastName, (4) Username, (5) Password, (6) Address1, (7) Address2, (8) City, (9) ZipCode, (10) Email parameter to register.asp. | 5.0 |
| 2005-06-29 | CVE-2005-2063 | Cross-Site Scripting vulnerability in Active web Softwares Activebuyandsell 6.2 Multiple cross-site scripting (XSS) vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Title parameter to sendpassword.asp or (2) Keyword field in search.asp. network active-web-softwares | 4.3 |
| 2005-06-29 | CVE-2005-2062 | SQL Injection vulnerability in Active web Softwares Activebuyandsell 6.2 Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to execute arbitrary SQL commands via the catid parameter to (1) default.asp or (2) buyersend.asp, (3) Administrator ID field in admin.asp, E-mail field in (4) advertiserstart.asp or (5) buyer.asp, or Keyword field in search.asp. | 7.5 |