Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1018 | Remote Buffer Overflow vulnerability in CA Brightstor Arcserve Backup 11.1 Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field. | 7.5 |
| 2005-05-02 | CVE-2005-1017 | SQL Injection vulnerability in Maxwebportal SQL injection vulnerability in the Update_Events function in events_functions.asp in MaxWebPortal 1.33 and earlier allows remote attackers to execute arbitrary SQL commands via the EVENT_ID parameter, as demonstrated using events.asp. | 7.5 |
| 2005-05-02 | CVE-2005-1016 | Input Validation vulnerability in MaxWebPortal Events And Links Interface Cross-site scripting (XSS) vulnerability in links_add_form.asp for MaxWebPortal 1.33 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript URL in a banner URL. network maxwebportal | 4.3 |
| 2005-05-02 | CVE-2005-1015 | Unspecified vulnerability in Mailenable Imapd Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command. | 10.0 |
| 2005-05-02 | CVE-2005-1014 | Buffer Overflow vulnerability in MailEnable IMAP Authenticate Request Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command. | 7.5 |
| 2005-05-02 | CVE-2005-1013 | Denial Of Service vulnerability in MailEnable SMTP Malformed EHLO Request The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string. | 5.0 |
| 2005-05-02 | CVE-2005-1012 | Cross-Site Scripting vulnerability in SiteEnable Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows remote attackers to inject arbitrary web script or HTML via (1) the contenttype parameter to content.asp, (2) the title, or (3) the description. network iatek | 4.3 |
| 2005-05-02 | CVE-2005-1011 | SQL Injection vulnerability in SiteEnable SQL injection vulnerability in content.asp in SiteEnable allows remote attackers to execute arbitrary SQL commands via the sortby parameter. | 7.5 |
| 2005-05-02 | CVE-2005-1010 | HTML Injection vulnerability in Comersus Open Technologies Comersus Cart 6.0.3 Cross-site scripting (XSS) vulnerability in Comersus Cart 6 allows remote attackers to inject arbitrary web script or HTML via the account username. network comersus-open-technologies | 4.3 |
| 2005-05-02 | CVE-2005-1009 | Remote Heap Overflow vulnerability in Bakbone Netvault 7.0/7.1 Multiple buffer overflows in BakBone NetVault 6.x and 7.x allow (1) remote attackers to execute arbitrary code via a modified computer name and length that leads to a heap-based buffer overflow, or (2) local users to execute arbitrary code via a long Name entry in the configure.cfg file. | 10.0 |