Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK

2005-05-02 CVE-2005-0194 Security Bypass vulnerability in Squid
Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings.
network | low complexity | squid | critical | 10.0

2005-05-02 CVE-2005-0187 Remote Code Execution vulnerability in AtHoc ToolBar
Stack-based buffer overflow in the SetSkin function in AtHoc toolbar allows remote attackers to execute arbitrary code via a long skin name.
network | low complexity | athoc | 7.5

2005-05-02 CVE-2005-0185 Buffer Overflow vulnerability in Mnet Soft Factory Nodemanager Professional 2.00
Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field.
network | low complexity | mnet-soft-factory | 7.5

2005-05-02 CVE-2005-0184 Directory traversal vulnerability in ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail allows local users to read arbitrary files via a ..
local | low complexity | squirrelmail | 2.1

2005-05-02 CVE-2005-0183 Unspecified vulnerability in Squirrelmail Vacation Plugin
ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail allows local users to execute arbitrary commands via shell metacharacters in a command line argument.
local | low complexity | squirrelmail | 7.2

2005-05-02 CVE-2005-0173 Authentication Bypass vulnerability in Squid Proxy squid_ldap_auth
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
network | low complexity | squid | 7.5

2005-05-02 CVE-2005-0158 Unspecified vulnerability in Bidwatcher
Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses.
network | low complexity | bidwatcher | 7.5

2005-05-02 CVE-2005-0148 Unspecified vulnerability in Mozilla Thunderbird 0.6/0.7/0.8
Thunderbird before 0.9, when running on Windows systems, uses the default handler when processing javascript: links, which invokes Internet Explorer and may expose the Thunderbird user to vulnerabilities in the version of Internet Explorer that is installed on the user's system.
network | low complexity | mozilla | 5.0

2005-05-02 CVE-2005-0147 Unspecified vulnerability in Mozilla Firefox and Mozilla
Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.
network | low complexity | mozilla | 7.5

2005-05-02 CVE-2005-0146 Unspecified vulnerability in Mozilla Firefox and Mozilla
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation.
network | low complexity | mozilla | 5.0