Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-06-16 CVE-2005-1954 Information Disclosure vulnerability in Singapore 0.9.11
Singapore 0.9.11 allows remote attackers to obtain sensitive information via a direct request to (1) admin.class.php, (2) any .tpl.php file in templates/admin_default/, or (3) any .tpl.php file in templates/default/, which reveal the path in an error message.
network
low complexity
singapore
5.0
2005-06-16 CVE-2005-1952 Remote Security vulnerability in Pico Server 3.3
Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each ..
network
low complexity
pico-server
7.5
2005-06-16 CVE-2005-1951 HTTP Response Splitting vulnerability in osCommerce
Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php.
network
low complexity
oscommerce
5.0
2005-06-16 CVE-2005-1769 Unspecified vulnerability in SquirrelMail
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in (1) the URL or (2) an e-mail message.
network
squirrelmail
4.3
2005-06-16 CVE-2005-1722 Unspecified vulnerability in Apple Mac OS X and Mac OS X Server
Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions.
local
low complexity
apple
7.2
2005-06-16 CVE-2005-1721 Unspecified vulnerability in Apple AFP Server
Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code.
network
low complexity
apple
7.5
2005-06-16 CVE-2005-1720 Unspecified vulnerability in Apple AFP Server
AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL.
local
low complexity
apple
2.1
2005-06-16 CVE-2005-1669 Cross-site Scripting vulnerability in Opera Browser
Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains.
network
opera CWE-79
6.8
2005-06-16 CVE-2005-1475 Open Redirect vulnerability in Opera Browser
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect.
network
low complexity
opera CWE-601
7.5
2005-06-16 CVE-2005-1269 Denial of Service vulnerability in Gaim Yahoo! Protocol Support File Download
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
network
low complexity
rob-flynn
5.0