Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-1111 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. | 4.7 |
2005-05-02 | CVE-2005-1110 | Unspecified vulnerability in Sumus 0.2.2 Stack-based buffer overflow in the RespondeHTTPPendiente function in the HTTP server for SUMUS 0.2.2 allows remote attackers to execute arbitrary code via a large packet sent to TCP port 81. | 7.5 |
2005-05-02 | CVE-2005-1109 | Unspecified vulnerability in Junkbuster Internet Junkbuster 2.0.1/2.0.2/2.0.2R2 The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via heap corruption. | 7.5 |
2005-05-02 | CVE-2005-1108 | Unspecified vulnerability in Junkbuster Internet Junkbuster 2.0.2R2 The ij_untrusted_url function in JunkBuster 2.0.2-r2, with single-threaded mode enabled, allows remote attackers to overwrite the referrer field via a crafted HTTP request. | 5.0 |
2005-05-02 | CVE-2005-1106 | Denial-Of-Service vulnerability in Apple Quicktime Pictureviewer 6.5.2 PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers to cause a denial of service (application crash) via a GIF image with the maximum depth start value, possibly triggering an integer overflow. | 5.0 |
2005-05-02 | CVE-2005-1105 | Unspecified vulnerability in SUN Javamail 1.3.2 Directory traversal vulnerability in the MimeBodyPart.getFileName method in JavaMail 1.3.2 allows remote attackers to write arbitrary files via a .. | 5.0 |
2005-05-02 | CVE-2005-1104 | Unspecified vulnerability in Centra 7 Multiple cross-site scripting (XSS) vulnerabilities in Centra 7 allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) first name, or (3) last name fields. network centra | 4.3 |
2005-05-02 | CVE-2005-1102 | Cross-Site Scripting vulnerability in WordPress Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post. network wordpress | 6.8 |
2005-05-02 | CVE-2005-1101 | Unspecified vulnerability in IBM Lotus Domino Server 6.0.5/6.5.4 Multiple buffer overflows in Lotus Domino Server 6.0.5 and 6.5.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via large amounts of data in certain (1) time or (2) date fields. | 7.5 |
2005-05-02 | CVE-2005-1100 | Unspecified vulnerability in Salim Gasmi GLD 1.3/1.4 Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog. | 7.5 |