Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-06-13 | CVE-2005-1935 | Remote Security vulnerability in Windows NT Terminal Server Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. | 7.5 |
2005-06-13 | CVE-2005-1933 | Remote Security vulnerability in Apple mac OS X 10.4 Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. | 7.5 |
2005-06-13 | CVE-2005-1760 | Information Disclosure vulnerability in RedHat Linux SysReport Proxy sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges. | 7.5 |
2005-06-13 | CVE-2005-1474 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. | 7.5 |
2005-06-13 | CVE-2005-1473 | Unspecified vulnerability in Apple mac OS X 10.4.1 SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field. | 4.6 |
2005-06-13 | CVE-2005-0151 | Unspecified vulnerability in Adobe Creative Suite, Photoshop and Premiere Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges. | 7.5 |
2005-06-12 | CVE-2005-1959 | Remote Arbitrary Command Execution vulnerability in Jammail 1.8 jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute arbitrary commands via shell metacharacters in the mail parameter. | 7.5 |
2005-06-12 | CVE-2005-1957 | Improper Authentication vulnerability in Adam Mmedici File Upload Manager mtnpeak.net File Upload Manager does not properly check user authentication for certain actions, which allows remote attackers to provide a modified base64-encoded file parameter and (1) read arbitrary files via the "view" action or (2) delete arbitrary files via the del action. | 7.5 |
2005-06-12 | CVE-2005-1956 | File-Upload vulnerability in File Upload Manager File Upload Manager allows remote attackers to upload arbitrary files by modifying the test variable to contain a value of '~~~~~~' (six tildes), which bypasses the file extension checks. | 5.0 |
2005-06-12 | CVE-2005-1955 | Cross-Site Scripting vulnerability in Singapore 0.9.11Beta Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.11 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. network singapore | 4.3 |