Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-24 | CVE-2005-1694 | Unspecified vulnerability in Postnuke Software Foundation Postnuke 0.750 Multiple SQL injection vulnerabilities in Xanthia.php in the Xanthia module in PostNuke 0.750 allow remote attackers to execute arbitrary SQL commands via the (1) name or (2) module parameter. | 7.5 |
2005-05-24 | CVE-2005-1693 | Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow. | 10.0 |
2005-05-20 | CVE-2005-1687 | Unspecified vulnerability in Wordpress 1.5 SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. | 7.5 |
2005-05-20 | CVE-2005-1686 | Unspecified vulnerability in Gnome Gedit 2.10.2 Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. | 2.6 |
2005-05-20 | CVE-2005-1684 | Unspecified vulnerability in Episodex Guestbook Cross-site scripting (XSS) vulnerability in default.asp for episodex guestbook allows remote attackers to inject arbitrary web script or HTML via the Name field and other fields. network episodex | 4.3 |
2005-05-20 | CVE-2005-1683 | Buffer Overflow vulnerability in Microsoft Word MCW File Handler Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted mcw file. | 2.6 |
2005-05-20 | CVE-2005-1681 | Remote Security vulnerability in Php Advanced Transfer Manager 1.20/1.21 PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php. | 7.5 |
2005-05-20 | CVE-2005-1680 | Security Bypass vulnerability in DSL-562T D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address. | 7.5 |
2005-05-20 | CVE-2005-1679 | Remote Buffer Overflow vulnerability in Picasm Error Generation Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message. | 5.1 |
2005-05-20 | CVE-2005-1678 | Remote Security vulnerability in Groove Workspace and Virtual Office Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote attackers to trick users into executing malicious code. | 2.6 |