Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-1186 | Cross-Site Scripting vulnerability in Jukebox Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com domain to the Trusted Sites zone in Internet Explorer, which allows systems in the domain to conduct unauthorized activities, as demonstrated using cross-site scripting (XSS) attacks. network musicmatch | 6.8 |
2005-05-02 | CVE-2005-1185 | Local Security vulnerability in Jukebox Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00.2047 and earlier allows local users to gain privileges via a malicious C:\program.exe file, which is run by MMFWLaunch.exe when it attempts to execute launch.exe. | 4.6 |
2005-05-02 | CVE-2005-1184 | Denial Of Service vulnerability in Multiple Vendor TCP Session Acknowledgement Number The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. | 5.0 |
2005-05-02 | CVE-2005-1183 | Cross-Site Scripting vulnerability in Mvnforum 1.0Rc4 Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the Search parameter. network mvnforum | 4.3 |
2005-05-02 | CVE-2005-1182 | Denial-Of-Service vulnerability in IBM OS 400 R510/R520/R530 Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service) in IBM OS/400 R510, R520, and R530 allows attackers to cause a denial of service (IRC shutdown) via certain inputs. | 5.0 |
2005-05-02 | CVE-2005-1180 | Remote Security vulnerability in Francisco Burzi PHP-Nuke 7.6 HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the forwarder parameter. | 5.0 |
2005-05-02 | CVE-2005-1179 | SNMP Authentication Bypass vulnerability in Xerox MicroServer Unknown vulnerability in Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, related to SNMP authentication, allows remote attackers to modify system configuration, a different vulnerability than CVE-2005-0703. | 5.0 |
2005-05-02 | CVE-2005-1178 | SQL-Injection vulnerability in Forms And Reports SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature. | 7.5 |
2005-05-02 | CVE-2005-1177 | Denial-Of-Service vulnerability in Usermin Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact. | 10.0 |
2005-05-02 | CVE-2005-1176 | Information Disclosure vulnerability in AIX Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information. | 1.2 |