Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0721 | Remote Security vulnerability in Experience2 PHP remote file inclusion vulnerability in modules.php in eXPerience2 allows remote attackers to execute arbitrary PHP code by modifying the file parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2005-05-02 | CVE-2005-0712 | Unspecified vulnerability in Apple mac OS X 10.1/10.2/10.3.4 Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles. | 4.6 |
2005-05-02 | CVE-2005-0711 | Remote vulnerability in MySQL AB MySQL MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack. | 2.1 |
2005-05-02 | CVE-2005-0710 | Remote vulnerability in MySQL AB MySQL MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function. | 4.6 |
2005-05-02 | CVE-2005-0709 | Code Injection vulnerability in multiple products MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit. | 4.6 |
2005-05-02 | CVE-2005-0708 | The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information. | 10.0 |
2005-05-02 | CVE-2005-0707 | Buffer Overflow vulnerability in Ipswitch Collaboration Suite IMail Server IMAP EXAMINE Argument Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command. | 7.2 |
2005-05-02 | CVE-2005-0706 | Matches Buffer Overflow vulnerability in Grip CDDB Response Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected. | 7.5 |
2005-05-02 | CVE-2005-0682 | Cross-Site Scripting vulnerability in Drupal Cross-site scripting (XSS) vulnerability in common.inc in Drupal before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via certain inputs. network drupal | 4.3 |
2005-05-02 | CVE-2005-0679 | Code Injection vulnerability in Stadtaus Tell A Friend Script PHP remote file inclusion vulnerability in tell_a_friend.inc.php for Tell A Friend Script 2.7 before 20050305 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code. | 7.5 |