Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-0770 | Symbolic Link vulnerability in DGen Emulator romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files. | 2.1 |
| 2005-01-10 | CVE-2004-0571 | Unspecified vulnerability in Microsoft products Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901. | 10.0 |
| 2005-01-10 | CVE-2004-0568 | Unspecified vulnerability in Microsoft products HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. | 10.0 |
| 2005-01-10 | CVE-2004-0139 | Unspecified vulnerability in SGI Irix Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which "t_unbind changes t_bind's behavior," has unknown impact and attack vectors. | 10.0 |
| 2005-01-07 | CVE-1999-1431 | Unspecified vulnerability in Microsoft Zero Administration KIT 1.0 ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe. | 4.6 |
| 2005-01-06 | CVE-2005-0182 | Local Insecure Temporary File Creation vulnerability in MOD Dosevasive MOD Dosevasive 1.8/1.9 The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack. | 5.0 |
| 2005-01-06 | CVE-2004-1318 | Remote vulnerability in Namazu 2.0.13/2.0.7/2.0.8 Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized. network namazu | 4.3 |
| 2005-01-06 | CVE-2004-1183 | Integer Overflow vulnerability in LibTIFF TIFFDUMP Heap Corruption Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file. | 5.1 |
| 2005-01-05 | CVE-1999-1373 | Unspecified vulnerability in Fore Powerhub Software FORE PowerHub before 5.0.1 allows remote attackers to cause a denial of service (hang) via a TCP SYN scan with TCP/IP OS fingerprinting, e.g. | 5.0 |
| 2005-01-04 | CVE-2005-0283 | Remote Directory Traversal vulnerability in David Barrett Qwikiwiki 1.4.1 Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. | 5.0 |