Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0493 | Security Bypass vulnerability in Biz Mail Form CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before 2.2 allows remote attackers to bypass the email check and send spam e-mail via CRLF sequences and forged mail headers in the email parameter. | 5.0 |
| 2005-05-02 | CVE-2005-0492 | Improper Input Validation vulnerability in Adobe Acrobat Reader 6.0.3/7.0 Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node. | 2.6 |
| 2005-05-02 | CVE-2005-0491 | Remote Stack-Based Buffer Overrun vulnerability in Knox Arkeia Type 77 Request Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request. | 10.0 |
| 2005-05-02 | CVE-2005-0490 | Incorrect Calculation of Buffer Size vulnerability in Haxx Curl and Libcurl Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication. | 8.8 |
| 2005-05-02 | CVE-2005-0469 | Remote Buffer Overflow vulnerability in Multiple Vendor Telnet Client LINEMODE Sub-Options Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. | 7.5 |
| 2005-05-02 | CVE-2005-0468 | Buffer Overflow vulnerability in Ncsa Telnet C Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. | 7.5 |
| 2005-05-02 | CVE-2005-0465 | Unspecified vulnerability in SGI Irix gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option. | 2.1 |
| 2005-05-02 | CVE-2005-0464 | Unspecified vulnerability in SGI Irix 6.5.22 gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error. | 2.1 |
| 2005-05-02 | CVE-2005-0463 | SQL Injection vulnerability in INL Ulog-PHP 0.8/0.8.1/0.8.2 Unknown "major security flaws" in Ulog-php before 1.0, related to input validation, have unknown impact and attack vectors, probably related to SQL injection vulnerabilities in (1) host.php, (2) port.php, and (3) index.php. | 7.5 |
| 2005-05-02 | CVE-2005-0461 | Unknown vulnerability in NewsBruiser 2.x before 2.6.1 allows remote attackers to "take actions on comments." | 5.0 |