Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-04-18 | CVE-2005-0753 | Unspecified vulnerability in CVS: Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code. | 7.5 |
2005-04-18 | CVE-2005-0752 | Remote Script Code Execution vulnerability in Mozilla Firefox PLUGINSPAGE: The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag. | 7.5 |
2005-04-15 | CVE-2005-1308 | Unspecified vulnerability in Inter7 Sqwebmail: SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML. | 7.5 |
2005-04-15 | CVE-2005-1142 | Remote Security vulnerability in Optical Character Recognition Utility: Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0.40, when it is not using netpbm, allows remote attackers to execute arbitrary code via a P3 format PNM file with more data than implied by its width and height values. | 7.5 |
2005-04-15 | CVE-2005-1141 | Integer Overflow or Wraparound vulnerability in Optical Character Recognition Project Optical Character Recognition 0.40: Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, which leads to a heap-based buffer overflow. | 9.8 |
2005-04-15 | CVE-2005-1140 | HTML Injection vulnerability in Mywebland Mybloggie 2.1.1: Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the comments. | 4.3 |
2005-04-15 | CVE-2005-1126 | Resource Management Errors vulnerability in Freebsd: The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory. | 2.1 |
2005-04-14 | CVE-2005-1139 | Unspecified vulnerability in Opera Browser 8.0: Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational information of an SSL certificate, which is easily spoofed and can facilitate phishing attacks. | 7.5 |
2005-04-14 | CVE-2005-1136 | Information Disclosure vulnerability in Sphpblog 0.4.0: Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files. | 5.0 |
2005-04-14 | CVE-2005-1122 | Use of Externally-Controlled Format String vulnerability in Monkey-Project Monkey: Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error"). | 7.5 |