Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0525 | Unspecified vulnerability in PHP: The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek. | 5.0 |
2005-05-02 | CVE-2005-0524 | Unspecified vulnerability in PHP: The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value. | 5.0 |
2005-05-02 | CVE-2005-0523 | Remote Client-Side Format String vulnerability in ProZilla Initial Server Response: Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header. | 7.5 |
2005-05-02 | CVE-2005-0522 | Unspecified vulnerability in Lionmax Software Chat Anywhere 2.72A: Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges. | 4.6 |
2005-05-02 | CVE-2005-0501 | Remote Nickname Buffer Overrun vulnerability in Digipen Institute of Technology Bontago 1.1: Buffer overflow in Bontago 1.1 and earlier allows remote attackers to execute arbitrary code via a long nickname. | 7.5 |
2005-05-02 | CVE-2005-0500 | Unspecified vulnerability in Microsoft IE and Internet Explorer: Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks. | 5.0 |
2005-05-02 | CVE-2005-0498 | Information Disclosure vulnerability in Gigafast Router: Gigafast router (aka CompUSA router) allows remote attackers to gain sensitive information and bypass the login page via a direct request to backup.cfg, which reveals the administrator password in plaintext. | 7.5 |
2005-05-02 | CVE-2005-0497 | Local Security vulnerability in Elite System Max 9000: ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory. | 7.2 |
2005-05-02 | CVE-2005-0493 | Security Bypass vulnerability in Biz Mail Form: CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before 2.2 allows remote attackers to bypass the email check and send spam e-mail via CRLF sequences and forged mail headers in the email parameter. | 5.0 |
2005-05-02 | CVE-2005-0492 | Improper Input Validation vulnerability in Adobe Acrobat Reader 6.0.3/7.0: Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node. | 2.6 |