Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-04-27 | CVE-2005-0424 | Remote vulnerability in Aspjar Guestbook 1.0 Unknown vulnerability in the delete.asp program in certain versions of ASPjar Guestbook allows remote attackers to delete messages. | 5.0 |
| 2005-04-27 | CVE-2005-0423 | Remote vulnerability in Aspjar Guestbook 1.0 SQL injection vulnerability in login.asp in ASPjar Guestbook allows remote attackers to execute arbitrary SQL commands via the password field. | 5.0 |
| 2005-04-27 | CVE-2005-0422 | Local Security vulnerability in Codebank DelphiTurk CodeBank (aka KodBank) 3.1 and earlier stores usernames and passwords in the Codebank registry key, which allows local users to gain privileges. | 2.1 |
| 2005-04-27 | CVE-2005-0421 | Local Security vulnerability in Delphiturk FTP 1.0 DelphiTurk FTP 1.0 stores usernames and passwords in the profile.dat file, which allows local users to gain privileges. | 2.1 |
| 2005-04-27 | CVE-2005-0420 | Open Redirect vulnerability in Microsoft Exchange Server 2003 Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application. | 5.8 |
| 2005-04-27 | CVE-2005-0419 | Remote Security vulnerability in 3Com 3Cserver 1.1 Multiple heap-based buffer overflows in 3Com 3CServer allow remote authenticated users to execute arbitrary code via long FTP commands, as demonstrated using the STAT command. | 7.5 |
| 2005-04-27 | CVE-2005-0417 | Unspecified vulnerability in IBM DB2 Universal Database Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. | 10.0 |
| 2005-04-27 | CVE-2005-0416 | Buffer Overflow vulnerability in Microsoft Windows User32.DLL ANI File Header Handling Stack-Based The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow. | 7.5 |
| 2005-04-27 | CVE-2005-0415 | Denial-Of-Service vulnerability in Emdros Database Engine Multiple memory leaks in the MQL parser in Emdros before 1.1.22 allow remote attackers to cause a denial of service (memory consumption) via malformed MQL statements. | 5.0 |
| 2005-04-27 | CVE-2005-0414 | SQL-Injection vulnerability in Mercuryboard 1.1.1 SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter. | 7.5 |