Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-02-17 | CVE-2005-0243 | Unspecified vulnerability in Yahoo Messenger Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could allow remote attackers to trick users into downloading and executing programs via file names containing a large number of spaces and multiple file extensions. | 5.0 |
2005-02-16 | CVE-2005-0453 | Remote Security vulnerability in Lighttpd 1.3.7 The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the source code for CGI and FastCGI scripts via a URL with a %00 (null) character after the file extension. | 5.0 |
2005-02-16 | CVE-2005-0452 | Cross-Site Scripting vulnerability in Microsoft ASP.NET Unicode Character Conversion Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<". network microsoft | 4.3 |
2005-02-16 | CVE-2005-0105 | Unspecified vulnerability in Typespeed 0.4.1 Unknown vulnerability in typespeed 0.4.1 and earlier allows local users to gain privileges. | 4.6 |
2005-02-15 | CVE-2005-0447 | Remote Denial Of Service vulnerability in Sun Solaris ARP Handling Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets. | 5.0 |
2005-02-15 | CVE-2005-0434 | Cross-Site Scripting vulnerability in PHP-Nuke Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via (1) the newdownloadshowdays parameter in a NewDownloads operation or (2) the newlinkshowdays parameter in a NewLinks operation. network francisco-burzi | 4.3 |
2005-02-15 | CVE-2005-0433 | Cross-Site Scripting vulnerability in PHP-Nuke Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to (1) db.php, (2) mainfile.php, (3) Downloads/index.php, or (4) Web_Links/index.php, which lists the path in a PHP error message. | 5.0 |
2005-02-15 | CVE-2005-0176 | Multiple vulnerability in Linux Kernel 2.6.9 The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released. | 5.0 |
2005-02-15 | CVE-2005-0149 | Unspecified vulnerability in Mozilla and Thunderbird Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers to bypass the user's intended privacy and security policy by using cookies in e-mail messages. | 5.0 |
2005-02-14 | CVE-2005-0444 | Local Security vulnerability in Workstation VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code. | 4.6 |