Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-20 | CVE-2005-1679 | Remote Buffer Overflow vulnerability in Picasm Error Generation Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message. | 5.1 |
| 2005-05-20 | CVE-2005-1678 | Remote Security vulnerability in Groove Workspace and Virtual Office Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote attackers to trick users into executing malicious code. | 2.6 |
| 2005-05-20 | CVE-2005-1677 | Security Bypass vulnerability in Groove Workspace and Virtual Office Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allows remote attackers to bypass restrictions on COM objects. | 7.5 |
| 2005-05-20 | CVE-2005-1676 | Unspecified vulnerability in Groove Workspace and Virtual Office Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile Workspace in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allow remote attackers to inject arbitrary web script or HTML via the (1) picture columns embedded within SharePoint lists or (2) drop-down menus in a SharePoint list. network groove | 6.8 |
| 2005-05-20 | CVE-2005-1675 | Information Disclosure vulnerability in Groove Workspace and Virtual Office Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information. | 4.6 |
| 2005-05-19 | CVE-2005-1934 | Denial of Service vulnerability in Gaim MSN Protocol Malformed Message Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error. | 5.0 |
| 2005-05-19 | CVE-2005-1674 | Cross-Site Request Forgery (CSRF) vulnerability in Helpcenterlive Help Center Live Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote attackers to perform actions as the administrator via a link or IMG tag to view.php. | 6.5 |
| 2005-05-19 | CVE-2005-1673 | Unspecified vulnerability in Ubertec Help Center Live Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php, (2) tid parameter to view.php, fid parameter to (3) download.php or (4) chat_download.php, (5) status parameter to icon.php, TICKET_tid parameter to (6) index.php or (7) view.php. | 7.5 |
| 2005-05-19 | CVE-2005-1672 | Unspecified vulnerability in Ubertec Help Center Live Multiple cross-site scripting (XSS) vulnerabilities in Help Center Live allow remote attackers to inject arbitrary web script or HTML via the (1) find parameter to index.php, (2) name or (3) message field of a chat request, or (4) the message body when opening a trouble ticket. network ubertec | 4.3 |
| 2005-05-19 | CVE-2005-1671 | Information Disclosure vulnerability in Messenger The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive information from other users. | 2.1 |