Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-14 | CVE-2005-1212 | Buffer Overflow vulnerability in Microsoft Step-By-Step Interactive Training Bookmark Link Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. | 7.5 |
| 2005-06-14 | CVE-2005-1211 | Unspecified vulnerability in Microsoft Internet Explorer 6.0.2900 Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file. | 5.1 |
| 2005-06-14 | CVE-2005-1208 | Remote Code Execution vulnerability in Microsoft Windows HTML Help Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer. | 10.0 |
| 2005-06-14 | CVE-2005-1207 | Unspecified vulnerability in Microsoft Windows 2003 Server and Windows XP Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters. | 7.2 |
| 2005-06-14 | CVE-2005-1206 | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability." | 7.5 |
| 2005-06-14 | CVE-2005-1205 | Remote Information Disclosure vulnerability in Multiple Vendor Telnet Client The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. | 5.0 |
| 2005-06-14 | CVE-2005-0563 | Cross-Site Scripting vulnerability in Microsoft Exchange Server 5.5 Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("javAsc
ript:") in an IMG tag. | 4.3 |
| 2005-06-14 | CVE-2005-0488 | Remote Information Disclosure vulnerability in Multiple Vendor Telnet Client Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. | 5.0 |
| 2005-06-13 | CVE-2005-1972 | SQL-Injection vulnerability in Interactivephp Fusionbb 11Beta Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username, which is not properly handled by the insertUser function, or (2) the bb_session_id value in a cookie. | 7.5 |
| 2005-06-13 | CVE-2005-1936 | Remote Authentication Bypass vulnerability in Xerox Document Centre ESS/Network Controller Web Server Unknown vulnerability in the web server for the ESS/ Network Controller for Xerox Document Centre 240 through 555 running System Software 27.18.017 and earlier allows attackers to "gain unauthorized access." | 7.5 |