Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0549 | Unspecified vulnerability in SUN Solaris Answerbook2 1.4/1.4.2/1.4.4 Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function. network sun | 4.3 |
| 2005-05-02 | CVE-2005-0546 | Remote Buffer Overflow vulnerability in Cyrus IMAPD Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd. | 7.5 |
| 2005-05-02 | CVE-2005-0545 | Unspecified vulnerability in Microsoft Windows 2000 and Windows XP Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Active Directory allow local users to bypass group policies that restrict access to hidden drives by using the browse feature in Office 10 applications such as Word or Excel, or using a flash drive. | 7.2 |
| 2005-05-02 | CVE-2005-0544 | Remote Security vulnerability in PHPmyadmin 2.6.1 phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message. | 5.0 |
| 2005-05-02 | CVE-2005-0542 | Local Security vulnerability in Cyclades Alterpath Manager 1.2.1 saveUser.do in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows local users to gain privileges by setting the adminUser parameter to true. | 4.6 |
| 2005-05-02 | CVE-2005-0541 | Remote Security vulnerability in Cyclades Alterpath Manager 1.2.1 consoleConnect.jsp in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to connect to arbitrary consoles by modifying the consolename parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0540 | Information Disclosure vulnerability in Cyclades Alterpath Manager 1.2.1 Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to obtain sensitive information via a direct request to the /about.html page. | 5.0 |
| 2005-05-02 | CVE-2005-0539 | Local Security vulnerability in IBM Hardware Management Console 4.1/4.2 Unknown vulnerability in IBM Hardware Management Console (HMC) before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard. | 4.6 |
| 2005-05-02 | CVE-2005-0538 | Directory Traversal vulnerability in Ginp 0.20/0.21 Directory traversal vulnerability in (1) GinpPictureServlet.java and (2) PicCollection.java in ginp (Java Photo Gallery Web Application) before 0.22 allows remote attackers to read arbitrary files. | 5.0 |
| 2005-05-02 | CVE-2005-0536 | Unspecified vulnerability in Mediawiki Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion. | 5.0 |