Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-05-02 CVE-2005-0568 Remote Denial of Service vulnerability in Raven Software Soldier of Fortune 2
Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference.
network
low complexity
raven-software
5.0
2005-05-02 CVE-2005-0567 Local File Include vulnerability in phpMyAdmin 2.6.1
Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.
network
low complexity
phpmyadmin
7.5
2005-05-02 CVE-2005-0565 Remote Security vulnerability in phpWebSite
The Announce module in phpWebSite 0.10.0 and earlier allows remote attackers to execute arbitrary PHP code by setting the Image field to reference a PHP file whose name contains a .gif.php extension.
network
low complexity
phpwebsite
7.5
2005-05-02 CVE-2005-0560 Out-Of-Bounds Write vulnerability in Microsoft Exchange Server 2000/2003
Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.
network
low complexity
microsoft CWE-787
7.5
2005-05-02 CVE-2005-0558 Unspecified vulnerability in Microsoft Word 2000/2002/2003
Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document.
network
high complexity
microsoft
5.1
2005-05-02 CVE-2005-0554 Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0
Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."
network
low complexity
microsoft
7.5
2005-05-02 CVE-2005-0553 Unspecified vulnerability in Microsoft IE and Internet Explorer
Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability".
network
high complexity
microsoft
5.1
2005-05-02 CVE-2005-0551 Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.
network
low complexity
microsoft
critical
10.0
2005-05-02 CVE-2005-0550 Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability".
local
low complexity
microsoft
2.1
2005-05-02 CVE-2005-0549 Unspecified vulnerability in Sun Solaris AnswerBook2 1.4/1.4.2/1.4.4
Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function.
network
sun
4.3