Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0491 | Remote Stack-Based Buffer Overrun vulnerability in Knox Arkeia Type 77 Request: Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request. | 10.0 |
2005-05-02 | CVE-2005-0490 | Incorrect Calculation of Buffer Size vulnerability in Haxx Curl and Libcurl: Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication. | 8.8 |
2005-05-02 | CVE-2005-0469 | Remote Buffer Overflow vulnerability in Multiple Vendor Telnet Client LINEMODE Sub-Options: Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. | 7.5 |
2005-05-02 | CVE-2005-0468 | Buffer Overflow vulnerability in Ncsa Telnet C: Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumes more memory than allocated. | 7.5 |
2005-05-02 | CVE-2005-0465 | Unspecified vulnerability in SGI Irix: gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option. | 2.1 |
2005-05-02 | CVE-2005-0464 | Unspecified vulnerability in SGI Irix 6.5.22: gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error. | 2.1 |
2005-05-02 | CVE-2005-0463 | SQL Injection vulnerability in INL Ulog-PHP 0.8/0.8.1/0.8.2: Unknown "major security flaws" in Ulog-php before 1.0, related to input validation, have unknown impact and attack vectors, probably related to SQL injection vulnerabilities in (1) host.php, (2) port.php, and (3) index.php. | 7.5 |
2005-05-02 | CVE-2005-0461 | Unknown vulnerability in NewsBruiser 2.x before 2.6.1 allows remote attackers to "take actions on comments." | 5.0 |
2005-05-02 | CVE-2005-0460 | Information Disclosure vulnerability in Mercuryboard 1.0/1.1/1.1.1: index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to obtain sensitive information by setting the debug parameter. | 5.0 |
2005-05-02 | CVE-2005-0459 | Remote Security vulnerability in phpMyAdmin: phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message. | 5.0 |