Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-20 | CVE-2005-1681 | Remote Security vulnerability in Php Advanced Transfer Manager 1.20/1.21 PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php. | 7.5 |
| 2005-05-20 | CVE-2005-1680 | Security Bypass vulnerability in DSL-562T D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address. | 7.5 |
| 2005-05-20 | CVE-2005-1679 | Remote Buffer Overflow vulnerability in Picasm Error Generation Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message. | 5.1 |
| 2005-05-20 | CVE-2005-1678 | Remote Security vulnerability in Groove Workspace and Virtual Office Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote attackers to trick users into executing malicious code. | 2.6 |
| 2005-05-20 | CVE-2005-1677 | Security Bypass vulnerability in Groove Workspace and Virtual Office Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allows remote attackers to bypass restrictions on COM objects. | 7.5 |
| 2005-05-20 | CVE-2005-1676 | Unspecified vulnerability in Groove Workspace and Virtual Office Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile Workspace in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allow remote attackers to inject arbitrary web script or HTML via the (1) picture columns embedded within SharePoint lists or (2) drop-down menus in a SharePoint list. network groove | 6.8 |
| 2005-05-20 | CVE-2005-1675 | Information Disclosure vulnerability in Groove Workspace and Virtual Office Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information. | 4.6 |
| 2005-05-19 | CVE-2005-1934 | Denial of Service vulnerability in Gaim MSN Protocol Malformed Message Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error. | 5.0 |
| 2005-05-19 | CVE-2005-1674 | Cross-Site Request Forgery (CSRF) vulnerability in Helpcenterlive Help Center Live Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote attackers to perform actions as the administrator via a link or IMG tag to view.php. | 6.5 |
| 2005-05-19 | CVE-2005-1673 | Unspecified vulnerability in Ubertec Help Center Live Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php, (2) tid parameter to view.php, fid parameter to (3) download.php or (4) chat_download.php, (5) status parameter to icon.php, TICKET_tid parameter to (6) index.php or (7) view.php. | 7.5 |