Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-02-21 | CVE-2005-0512 | Remote Security vulnerability in Mambo PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2004-1693. | 7.5 |
| 2005-02-21 | CVE-2005-0511 | Unspecified vulnerability in Jelsoft Vbulletin misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter. | 7.5 |
| 2005-02-21 | CVE-2005-0503 | uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges. | 4.6 |
| 2005-02-21 | CVE-2005-0496 | Use of Hard-coded Credentials vulnerability in Arkeia Network Backup 5.0 Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands. | 9.8 |
| 2005-02-21 | CVE-2005-0494 | Denial-Of-Service vulnerability in Thomson Cable Modem Tcw690 The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request. | 7.5 |
| 2005-02-21 | CVE-2005-0467 | Remote Security vulnerability in PUTTY Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated. | 7.5 |
| 2005-02-20 | CVE-2005-0499 | Denial-Of-Service vulnerability in Gigafast Router Gigafast router (aka CompUSA router) with the DNS proxy option enabled allows remote attackers to cause a denial of service via malformed DNS queries. | 5.0 |
| 2005-02-19 | CVE-2005-0513 | Remote File Include vulnerability in Pmachine PRO 2.4 PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMachine Pro 2.4, and possibly other versions including pMachine Free, allows remote attackers to execute arbitrary PHP code by directly requesting mail_autocheck.php and modifying the pm_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2003-1086. | 7.5 |
| 2005-02-19 | CVE-2005-0495 | Cross-Site Scripting vulnerability in Zeroboard Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote attackers to inject arbitrary web script or HTML via the (1) sn1, (2) year, or (3) page parameter to zboard.php or (4) filename to view_image.php. network zeroboard | 4.3 |
| 2005-02-19 | CVE-2005-0092 | Multiple vulnerability in Red Hat Enterprise Linux Kernel Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash). | 2.1 |