Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-03 | CVE-2005-1402 | Unspecified vulnerability in Mtp-Target Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison. | 5.0 |
| 2005-05-03 | CVE-2005-1401 | Unspecified vulnerability in Mtp-Target 1.2.2 Format string vulnerability in the client for Mtp-Target 1.2.2 and earlier allows remote attackers to execute arbitrary code via game messages or other text. | 7.5 |
| 2005-05-03 | CVE-2005-1398 | Improper Input Validation vulnerability in PHPcart 3.2/3.4/4.6.4 phpcart.php in PHPCart 3.2 allows remote attackers to change product price information by modifying the (1) price or (2) postage parameters. | 5.0 |
| 2005-05-03 | CVE-2005-1397 | SQL Injection vulnerability in PHP-Calendar Search.PHP SQL injection vulnerability in search.php for PHP-Calendar before 0.10.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2005-05-03 | CVE-2005-1393 | Unspecified vulnerability in Esri Arcinfo Workstation 9.0 Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or (5) asrecovery. | 4.6 |
| 2005-05-03 | CVE-2005-1392 | Unspecified vulnerability in PHPmyadmin 2.6.2 The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script. | 4.6 |
| 2005-05-03 | CVE-2005-1391 | Remote Buffer Overflow vulnerability in Apsis Pound 1.8.2 Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earlier allows remote attackers to execute arbitrary code via a long Host HTTP header. | 7.5 |
| 2005-05-03 | CVE-2005-1388 | Cross-Site Scripting vulnerability in Survivor 0.9.5A Cross-site scripting (XSS) vulnerability in SURVIVOR before 0.9.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network survivor | 4.3 |
| 2005-05-03 | CVE-2005-1387 | Unspecified vulnerability in Kristofer Szymanski Cocktail 3.5.4 Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command line to sudo in cleartext, which allows local users to gain sensitive information by running listing processes. | 7.2 |
| 2005-05-03 | CVE-2005-1386 | Information Disclosure vulnerability in PHP-Nuke PHP-Nuke 7.6 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) ipban.php, (2) db.php, (3) lang-norwegian.php, (4) lang-indonesian.php, (5) lang-greek.php, (6) a request to Web_Links with the portuguese language (lang-portuguese.php), (7) a request to Web_Links with the indonesian language (lang-indonesian.php), (8) a request to the survey module with the indonesian language (lang-indonesian.php), (9) a request to the Reviews module with the portuguese language, or (10) a request to the Journal module with the portuguese language, which reveal the path in an error message. | 5.0 |