Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-06-15 CVE-2005-1997 Information Disclosure vulnerability in McGallery 1.1
show.php in McGallery 1.1 allows remote attackers to connect to arbitrary databases, or gain sensitive information by triggering an error, via a modified host parameter.
network
low complexity
mcgallery
5.0
2005-06-15 CVE-2005-1996 Code Injection vulnerability in Bitrix Site Manager
PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote attackers to execute arbitrary PHP code via the _SERVER[DOCUMENT_ROOT] parameter.
network
low complexity
bitrix CWE-94
5.0
2005-06-15 CVE-2005-1995 Information Disclosure vulnerability in Bitrix Site Manager
Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive information via direct request to (1) subscr_form.php or (2) dbquery_error.php, which reveals the path in an error message.
network
low complexity
bitrix
5.0
2005-06-15 CVE-2005-1306 XXE vulnerability in Adobe Acrobat and Acrobat Reader
The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via JavaScript containing XML script, aka the "XML External Entity vulnerability."
network
low complexity
adobe CWE-611
7.5
2005-06-14 CVE-2005-1994 Remote Security vulnerability in SurfinGate
Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e".
network
low complexity
finjan-software
5.0
2005-06-14 CVE-2005-1937 Unspecified vulnerability in Mozilla Firefox and Mozilla
A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary JavaScript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718.
network
high complexity
mozilla
2.6
2005-06-14 CVE-2005-1216 Unspecified vulnerability in Microsoft ISA Server 2000
Microsoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS protocol via a NetBIOS connection with an ISA Server that uses the NetBIOS (all) predefined packet filter.
network
low complexity
microsoft
7.5
2005-06-14 CVE-2005-1215 Unspecified vulnerability in Microsoft ISA Server 2000
Microsoft ISA Server 2000 allows remote attackers to poison the ISA cache or bypass content restriction policies via a malformed HTTP request packet containing multiple Content-Length headers.
network
low complexity
microsoft
7.5
2005-06-14 CVE-2005-1214 Unspecified vulnerability in Microsoft products
Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.
network
high complexity
microsoft
5.1
2005-06-14 CVE-2005-1213 Buffer Overflow vulnerability in Microsoft Outlook Express NNTP Response Parsing
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
network
low complexity
microsoft
7.5