Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-06-28 | CVE-2005-2052 | Remote Security vulnerability in RealPlayer Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value. | 5.1 |
2005-06-28 | CVE-2005-2051 | Remote Buffer Overflow vulnerability in Veritas Backup Exec Web Administration Console Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. | 7.5 |
2005-06-28 | CVE-2005-2050 | Remote Security vulnerability in Tor Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and possibly key information from the exit server's process space. | 5.0 |
2005-06-28 | CVE-2005-1766 | Unspecified vulnerability in Realnetworks Realplayer Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code via a RealMedia file with a long RealText string, such as an SMIL file. | 5.1 |
2005-06-28 | CVE-2005-1759 | Unspecified vulnerability in Shtool Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751. | 1.2 |
2005-06-28 | CVE-2005-0772 | NULL Pointer Dereference vulnerability in Veritas Backup Exec VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 through 9.1.307 for Netware, allows remote attackers to cause a denial of service (Remote Agent crash) via (1) a crafted packet in NDMLSRVR.DLL or (2) a request packet with an invalid (non-0) "Error Status" value, which triggers a null dereference. | 7.5 |
2005-06-23 | CVE-2005-0771 | Unspecified vulnerability in Symantec Veritas Backup Exec VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106. | 10.0 |
2005-06-22 | CVE-2005-2049 | SQL Injection vulnerability in Duware Duclassmate 1.2 Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) iState parameter to default.asp or (2) iPro parameter to edit.asp. | 7.5 |
2005-06-22 | CVE-2005-2048 | SQL-Injection vulnerability in Duware Duforum 3.1 Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the (1) iMsg parameter to messages.asp, iFor parameter to (2) post.asp or (3) forums.asp, or (4) id parameter to userEdit.asp. | 7.5 |
2005-06-22 | CVE-2005-2047 | SQL-Injection vulnerability in Duware Dupaypal PRO 3.0 Multiple SQL injection vulnerabilities in DUware DUpaypal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) iCat parameter to cat.asp, (2) iPro parameter to detail.asp, (3) iSub parameter to sub.asp, (4) iCat parameter to catEdit.asp. | 7.5 |