Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0738 | Resource Exhaustion vulnerability in Microsoft Exchange Server 2003 Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 allows users to cause a denial of service (hang) by deleting or moving a folder with deeply nested subfolders, which causes Microsoft Exchange Information Store service (Store.exe) to hang as a result of a large number of recursive calls. | 5.0 |
| 2005-05-02 | CVE-2005-0737 | Remote Buffer Overflow vulnerability in Yahoo! Messenger Offline Mode Status Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode. | 7.5 |
| 2005-05-02 | CVE-2005-0735 | Permissions, Privileges, and Access Controls vulnerability in Newsscript.Co.Uk Newsscript newsscript.pl for NewsScript allows remote attackers to gain privileges by setting the mode parameter to admin. | 10.0 |
| 2005-05-02 | CVE-2005-0734 | Denial-Of-Service vulnerability in PY Software Active Webcam 5.5 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (memory exhaustion and process crash) via a large number of HTTP requests. | 5.0 |
| 2005-05-02 | CVE-2005-0733 | Remote Security vulnerability in PY Software Active Webcam 5.5 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to determine the existence of files via an HTTP request with a full pathname, which produces different messages whether the file exists or not. | 5.0 |
| 2005-05-02 | CVE-2005-0732 | Remote Security vulnerability in PY Software Active Webcam 5.5 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to obtain the full path of the web server via a request for a non-existent filename, which leaks the full path in an error message. | 5.0 |
| 2005-05-02 | CVE-2005-0730 | Denial-Of-Service vulnerability in PY Software Active Webcam 5.5 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service via a request to a file on the floppy drive, as demonstrated using A:\a.txt. | 5.0 |
| 2005-05-02 | CVE-2005-0729 | Remote Security vulnerability in XPand Rally 1.0/1.1 Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a message. | 7.5 |
| 2005-05-02 | CVE-2005-0726 | SQL-Injection vulnerability in Ubbcentral Ubb.Threads 6.0 SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote attackers to execute arbitrary SQL commands via the Number parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0724 | Information Disclosure vulnerability in paFileDB paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via (1) an invalid str parameter to pafiledb.php, or a direct request to (2) viewall.php, (3) stats.php, (4) search.php, (5) rate.php, (6) main.php, (7) license.php, (8) category.php, (9) download.php, (10) file.php, (11) email.php, or (12) admin.php, which reveals the path in a PHP error message. | 5.0 |