Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-1131 | Unspecified vulnerability in Symantec Veritas I3 Focalpoint Server 7.1 Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier has unknown attack vectors and unknown but "critical" impact. | 10.0 |
2005-05-02 | CVE-2005-1129 | Information Disclosure vulnerability in EGroupWare EMail Attachment eGroupWare 1.0.6 and earlier, when an e-mail is composed with an attachment but not sent, will send that attachment in the next e-mail, which may cause sensitive information to be sent to the wrong recipient. | 2.1 |
2005-05-02 | CVE-2005-1128 | SQL-Injection vulnerability in Virtual Hosting Control System Virtual Hosting Control System 2.2 Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via certain inputs from HTTP POST queries. | 7.5 |
2005-05-02 | CVE-2005-1127 | Unspecified vulnerability in Postgrey 1.17/1.18 Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server (Postgrey) 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service (crash) via format string specifiers that are not properly handled before being sent to syslog, as demonstrated using sender addresses to Postgrey. | 5.0 |
2005-05-02 | CVE-2005-1125 | Unspecified vulnerability in Avaya Libsafe Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed. | 5.1 |
2005-05-02 | CVE-2005-1124 | Local Security vulnerability in Solaris Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API. | 4.6 |
2005-05-02 | CVE-2005-1123 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Monkey-Project Monkey Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory corruption) via a request for a zero byte file. | 5.0 |
2005-05-02 | CVE-2005-1121 | Remote Format String vulnerability in Oops! Proxy Server Auth Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL. | 5.0 |
2005-05-02 | CVE-2005-1120 | Remote HTML Injection vulnerability in IlohaMail Email Message Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail 0.8.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the e-mail (1) body, (2) filename, or (3) MIME type. network ilohamail | 4.3 |
2005-05-02 | CVE-2005-1119 | Unspecified vulnerability in Todd Miller Sudo Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary files via a symlink attack on temporary files. | 2.1 |