Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-06-15 CVE-2005-1306 XXE vulnerability in Adobe Acrobat and Acrobat Reader
The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via JavaScript containing XML script, aka the "XML External Entity vulnerability."
network
low complexity
adobe CWE-611
7.5
2005-06-14 CVE-2005-1994 Remote Security vulnerability in SurfinGate
Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e".
network
low complexity
finjan-software
5.0
2005-06-14 CVE-2005-1937 Unspecified vulnerability in Mozilla Firefox and Mozilla
A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary JavaScript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718.
network
high complexity
mozilla
2.6
2005-06-14 CVE-2005-1216 Unspecified vulnerability in Microsoft ISA Server 2000
Microsoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS protocol via a NetBIOS connection with an ISA Server that uses the NetBIOS (all) predefined packet filter.
network
low complexity
microsoft
7.5
2005-06-14 CVE-2005-1215 Unspecified vulnerability in Microsoft ISA Server 2000
Microsoft ISA Server 2000 allows remote attackers to poison the ISA cache or bypass content restriction policies via a malformed HTTP request packet containing multiple Content-Length headers.
network
low complexity
microsoft
7.5
2005-06-14 CVE-2005-1214 Unspecified vulnerability in Microsoft products
Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.
network
high complexity
microsoft
5.1
2005-06-14 CVE-2005-1213 Buffer Overflow vulnerability in Microsoft Outlook Express NNTP Response Parsing
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
network
low complexity
microsoft
7.5
2005-06-14 CVE-2005-1212 Buffer Overflow vulnerability in Microsoft Step-By-Step Interactive Training Bookmark Link
Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, .cbl, or .cbm extension) with a long User field.
network
low complexity
microsoft
7.5
2005-06-14 CVE-2005-1211 Unspecified vulnerability in Microsoft Internet Explorer 6.0.2900
Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.
network
high complexity
microsoft
5.1
2005-06-14 CVE-2005-1208 Remote Code Execution vulnerability in Microsoft Windows HTML Help
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.
network
low complexity
microsoft
critical
10.0