Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-29 | CVE-2005-2058 | SQL-Injection vulnerability in UBB.threads Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php. | 7.5 |
| 2005-06-29 | CVE-2005-2057 | Cross-Site Scripting vulnerability in UBB.threads Multiple cross-site scripting (XSS) vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to inject arbitrary web script or HTML via the (1) Searchpage parameter to dosearch.php, (2) Number, (3) what, or (4) page parameter to newreply.php, (5) Number, (6) Board, or (7) what parameter to showprofile.php, (8) fpart or (9) page parameter to showflat.php, or (10) like parameter to showmembers.php. network ubbcentral | 6.8 |
| 2005-06-29 | CVE-2005-2056 | Quantum Decompressor Denial Of Service vulnerability in Clam Anti-Virus Clamav 0.85/0.85.1/0.86 The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive. | 2.6 |
| 2005-06-29 | CVE-2005-2055 | Remote Security vulnerability in RealPlayer RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers". | 5.0 |
| 2005-06-29 | CVE-2005-2054 | Remote Security vulnerability in RealPlayer Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file. | 5.1 |
| 2005-06-29 | CVE-2005-0201 | Local Privilege Escalation vulnerability in D-BUS Session Bus D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket. | 2.1 |
| 2005-06-28 | CVE-2005-2053 | Information Disclosure vulnerability in JAF CMS Just another flat file (JAF) CMS before 3.0 Final allows remote attackers to obtain sensitive information via (1) an * (asterisk) in the id parameter, (2) a blank id parameter, or (3) an * (asterisk) in the disp parameter to index.php, which reveals the path in an error message. | 5.0 |
| 2005-06-28 | CVE-2005-2052 | Remote Security vulnerability in RealPlayer Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value. | 5.1 |
| 2005-06-28 | CVE-2005-2051 | Remote Buffer Overflow vulnerability in Veritas Backup Exec Web Administration Console Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. | 7.5 |
| 2005-06-28 | CVE-2005-2050 | Remote Security vulnerability in Tor Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and possibly key information from the exit server's process space. | 5.0 |