Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0458 | Cross-Site Scripting vulnerability in Oscommerce 2.2Ms2 Cross-site scripting (XSS) vulnerability in contact_us.php in osCommerce 2.2-MS2 allows remote attackers to inject arbitrary web script or HTML via the enquiry parameter. network oscommerce | 4.3 |
2005-05-02 | CVE-2005-0457 | Uncontrolled Search Path Element vulnerability in Opera Browser Opera 7.54 and earlier on Gentoo Linux uses an insecure path for plugins, which could allow local users to gain privileges by inserting malicious libraries into the PORTAGE_TMPDIR (portage) temporary directory. | 7.2 |
2005-05-02 | CVE-2005-0455 | Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value. | 5.1 |
2005-05-02 | CVE-2005-0454 | SQL Injection vulnerability in DCP-Portal Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the lcat, doc, or uid parameters to index.php, or (2) the mid or bid parameters to forums.php. | 7.5 |
2005-05-02 | CVE-2005-0451 | Denial-Of-Service vulnerability in Sami Http Server 1.0.5 Sami HTTP Server 1.0.5 allows remote attackers to cause a denial of service via an HTTP request containing two CRLF sequences, which triggers a NULL dereference. | 5.0 |
2005-05-02 | CVE-2005-0450 | Directory Traversal vulnerability in Sami Http Server 1.0.5 Directory traversal vulnerability in Sami HTTP Server 1.0.5 allows remote attackers to read arbitrary files via an HTTP request containing (1) .. | 5.0 |
2005-05-02 | CVE-2005-0449 | Improper Input Validation vulnerability in Linux Kernel The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function. | 7.1 |
2005-05-02 | CVE-2005-0448 | Local Race Condition Privilege Escalation vulnerability in Perl 'rmdir()' Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452. | 1.2 |
2005-05-02 | CVE-2005-0446 | Remote Denial Of Service vulnerability in Squid Proxy DNS Name Resolver Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure. | 5.0 |
2005-05-02 | CVE-2005-0445 | Cross-Site Scripting vulnerability in Open WebMail Logindomain Parameter Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page. network open-webmail | 4.3 |