Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-03-03 | CVE-2005-0674 | HTML Injection vulnerability in PHP Arena Pabox 1.6: Cross-site scripting (XSS) vulnerability in the News module for paBox 1.6 allows remote attackers to inject arbitrary web script or HTML via the text hidden parameter in an HTTP POST request. | 4.3 |
2005-03-03 | CVE-2005-0671 | Remote vulnerability in Ca3DE: Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command. | 7.5 |
2005-03-02 | CVE-2005-0641 | Unspecified vulnerability in Broadcom Unicenter Asset Management 4.0: Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to inject arbitrary HTML or web script via the (1) name or (2) description in a report template. | 4.3 |
2005-03-02 | CVE-2005-0640 | Unspecified vulnerability in Broadcom Unicenter Asset Management 4.0: Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not properly initialize the "Change Credentials for Database" window, which allows local users to recover the SQL Admin password via certain methods. | 4.6 |
2005-03-02 | CVE-2005-0639 | Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files. | 7.5 |
2005-03-02 | CVE-2005-0638 | xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command. | 7.5 |
2005-03-02 | CVE-2005-0636 | Remote vulnerability in Foxmail Email Server 2.0: Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command. | 10.0 |
2005-03-02 | CVE-2005-0633 | Remote PNG Image File Parsing Buffer Overflow vulnerability in Cerulean Studios Trillian and Trillian PRO: Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | 7.5 |
2005-03-02 | CVE-2005-0620 | Local Security vulnerability in Einstein: Einstein 1.0 stores credit card information in plaintext in the world-readable wallets.dat file, which allows local users to steal the information. | 2.1 |
2005-03-02 | CVE-2005-0605 | Integer Overflow vulnerability in libXPM Bitmap_unit: scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. | 7.5 |