Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0077 | Insecure Temporary File Creation vulnerability in Libdbi-perl The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. | 2.1 |
| 2005-05-02 | CVE-2005-0076 | Unspecified vulnerability in Debian Linux 3.0 Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library. | 7.2 |
| 2005-05-02 | CVE-2005-0073 | Unspecified vulnerability in Debian Sympa 3.3.3 Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code. | 4.6 |
| 2005-05-02 | CVE-2005-0071 | Remote File Access vulnerability in VDR Daemon vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files. | 5.0 |
| 2005-05-02 | CVE-2005-0070 | Local File Disclosure vulnerability in Synaesthesia Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files. | 7.2 |
| 2005-05-02 | CVE-2005-0065 | Remote Denial Of Service vulnerability in Multiple Vendor TCP/IP Implementation ICMP The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. | 10.0 |
| 2005-05-02 | CVE-2005-0064 | Unspecified vulnerability in Xpdf Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value. | 7.5 |
| 2005-05-02 | CVE-2005-0063 | Remote Code Execution vulnerability in Microsoft Windows Shell The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document. | 7.5 |
| 2005-05-02 | CVE-2005-0061 | Unspecified vulnerability in Microsoft products The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests. | 7.2 |
| 2005-05-02 | CVE-2005-0060 | Unspecified vulnerability in Microsoft products Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application. | 7.2 |