Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0807 | Remote Heap Buffer Overflow vulnerability in Massimiliano Montoro Cain & Abel PSK Sniffer Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters. | 7.5 |
2005-05-02 | CVE-2005-0806 | Unspecified vulnerability in Ximian Evolution 2.0.3 Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames. | 5.0 |
2005-05-02 | CVE-2005-0805 | SQL Injection vulnerability in Subdreamer Light 1.0 SQL injection vulnerability in index.php in Subdreamer Light, when magic_quotes_gpc is enabled, allows remote attackers to execute arbitrary SQL commands via certain parameters that are used as global variables, as demonstrated using the imageid parameter, which is not properly handled by imagegallery.php. | 7.5 |
2005-05-02 | CVE-2005-0804 | Remote Format String vulnerability in Mailenable Standard 1.8 Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the mailto field. | 5.0 |
2005-05-02 | CVE-2005-0803 | Resource Management Errors vulnerability in Microsoft Windows 2000 The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be used, aka "Enhanced Metafile Vulnerability." | 5.0 |
2005-05-02 | CVE-2005-0802 | Cross-Site Scripting vulnerability in ACS Blog Search.ASP Cross-site scripting (XSS) vulnerability in search.asp in ACS Blog 0.8 through 1.1b allows remote attackers to execute arbitrary web script or HTML via the search parameter. network asp-press | 4.3 |
2005-05-02 | CVE-2005-0801 | Directory Traversal vulnerability in Includer.Cgi Directory traversal vulnerability in includer.cgi in The Includer allows remote attackers to read arbitrary files via (1) a .. | 5.0 |
2005-05-02 | CVE-2005-0800 | Unspecified vulnerability in Mcnews PHP remote file inclusion vulnerability in install.php in mcNews 1.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the l parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2005-0720. | 7.5 |
2005-05-02 | CVE-2005-0796 | Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a "holaDB/votes" followed by a .. | 5.0 |
2005-05-02 | CVE-2005-0787 | Local Insecure File Creation vulnerability in Wine 20050211/20050305/20050310 Wine 20050211 and earlier creates temp files with world readable permissions and predictable file names, which allows local users to obtain sensitive information, such as passwords. | 2.1 |