Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0426 | Local Denial Of Service vulnerability in Sun Solaris UDP Processing Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference. | 5.0 |
| 2005-05-02 | CVE-2005-0425 | Remote Security vulnerability in Websphere Application Server 5.0/5.1.0/6.0 Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via a crafted URL that causes the page to be processed by the file serving servlet instead of the JSP engine. | 5.0 |
| 2005-05-02 | CVE-2005-0418 | Unspecified vulnerability in SUN J2Se Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. | 7.5 |
| 2005-05-02 | CVE-2005-0407 | HTML Injection vulnerability in OpenConf Paper Submission Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, allows remote attackers to inject arbitrary HTML and web script via the paper title. network zakon-group | 4.3 |
| 2005-05-02 | CVE-2005-0404 | KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email. | 5.0 |
| 2005-05-02 | CVE-2005-0402 | Unspecified vulnerability in Mozilla Firefox Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page. | 2.6 |
| 2005-05-02 | CVE-2005-0401 | Remote Insecure XUL Start Up Script Loading vulnerability in Mozilla Browser FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2." | 5.1 |
| 2005-05-02 | CVE-2005-0400 | Unspecified vulnerability in Linux Kernel The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. | 2.1 |
| 2005-05-02 | CVE-2005-0399 | Remote Heap Overflow vulnerability in Mozilla Firefox, Mozilla and Thunderbird Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size. | 5.1 |
| 2005-05-02 | CVE-2005-0397 | Unspecified vulnerability in Imagemagick Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications. | 7.5 |