Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-11 | CVE-2005-2170 | Remote Denial Of Service vulnerability in IBM Tivoli Management Framework 4.1.1 The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data. | 5.0 |
2005-07-11 | CVE-2005-2150 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog. | 5.0 |
2005-07-11 | CVE-2005-1848 | Unspecified vulnerability in Phystech Dhcpcd 1.3.17Pl2 The dhcpcd DHCP client before 1.3.22 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors that cause an out-of-bounds memory read. | 5.0 |
2005-07-11 | CVE-2005-1768 | Local Buffer Overflow vulnerability in Linux Kernel IA32 ExecVE Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow. | 3.7 |
2005-07-09 | CVE-2005-2176 | Unspecified vulnerability in Novell Netmail Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies. | 6.4 |
2005-07-09 | CVE-2005-2175 | Remote Security vulnerability in Lotus Notes The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies. | 5.0 |
2005-07-08 | CVE-2005-2174 | Unspecified vulnerability in Mozilla Bugzilla Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete. | 2.6 |
2005-07-08 | CVE-2005-2173 | Unspecified vulnerability in Mozilla Bugzilla The Flag::validate and Flag::modify functions in Bugzilla 2.17.1 to 2.18.1 and 2.19.1 to 2.19.3 do not verify that the flag ID is appropriate for the given bug or attachment ID, which allows users to change flags on arbitrary bugs and obtain a bug summary via process_bug.cgi. | 5.0 |
2005-07-07 | CVE-2005-1841 | Unspecified vulnerability in Adobe Acrobat Reader 5.0.10/5.0.9 The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it. | 2.1 |
2005-07-06 | CVE-2005-2169 | Directory Traversal vulnerability in KAF Oseo Quick and Dirty PHPsource Printer 1.1 Directory traversal vulnerability in source.php in Quick & Dirty PHPSource Printer 1.1 and earlier allows remote attackers to read arbitrary files via ".../...//" sequences in the file parameter, which are reduced to "../" when PHPSource Printer uses a regular expression to remove "../" sequences. | 5.0 |