Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-02-08 | CVE-2004-0848 | Unspecified vulnerability in Microsoft products Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames. | 7.5 |
| 2005-02-07 | CVE-2005-0231 | Unspecified vulnerability in Mozilla Firefox 1.0 Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing." | 2.6 |
| 2005-02-07 | CVE-2005-0175 | Unspecified vulnerability in Squid Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack. | 5.0 |
| 2005-02-07 | CVE-2005-0174 | Remote vulnerability in Squid Proxy Oversize HTTP Headers Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters. | 5.0 |
| 2005-02-07 | CVE-2005-0100 | Remote Format String vulnerability in GNU Emacs and Xemacs Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets. | 7.5 |
| 2005-02-07 | CVE-2004-1131 | Local Buffer Overflow vulnerability in SCO OpenServer Enable And Disable Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments. | 7.2 |
| 2005-02-03 | CVE-2005-0226 | Remote Format String vulnerability in Ngircd 0.8.2 Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code. | 7.5 |
| 2005-02-02 | CVE-2005-0152 | Unspecified vulnerability in Squirrelmail 1.2.6 PHP remote file inclusion vulnerability in Squirrelmail 1.2.6 allows remote attackers to execute arbitrary code via "URL manipulation." | 7.5 |
| 2005-02-01 | CVE-2005-0101 | Remote Buffer Overflow vulnerability in Newspost Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character. | 7.5 |
| 2005-01-31 | CVE-2005-0224 | Denial-Of-Service vulnerability in HP Virtualvault 4.5/4.6/4.7 Unknown vulnerability in HP-UX B.11.04 running Virtualvault 4.5 through 4.7, when running the TGA daemon, allows remote attackers to cause a denial of service via certain network traffic. | 5.0 |