Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2005-01-12 | CVE-2005-0376 | Remote Security vulnerability in Sergey Kiselev Sgallery 1.01 | PHP remote file inclusion vulnerability in SGallery 1.01 allows local and possibly remote attackers to execute arbitrary PHP code by modifying the DOCUMENT_ROOT parameter to reference a URL on a remote web server that contains (1) config.php or (2) sql_layer.php. | 7.5 |
2005-01-11 | CVE-2005-0288 | Unspecified vulnerability in Bottomline Webseries Payment Application 4.0 | The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords. | 3.6 |
2005-01-11 | CVE-2005-0117 | Local Security vulnerability in XShisen | Buffer overflow in XShisen before 1.36 allows local users to execute arbitrary code via a long GECOS field. | 4.6 |
2005-01-11 | CVE-2005-0108 | Integer Overflow vulnerability in Apache MOD Auth Radius 1.5.4 | Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument. | 5.0 |
2005-01-11 | CVE-2005-0097 | Remote Denial of Service vulnerability in Squid Proxy Malformed NTLM Type 3 Message | The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference. | 5.0 |
2005-01-11 | CVE-2004-1039 | Denial of Service vulnerability in SCO UnixWare NFS Mountd | The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request. | 5.0 |
2005-01-11 | CVE-2004-0991 | Heap Overflow vulnerability in MPG123 Layer 2 Frame Header | Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files. | 7.5 |
2005-01-11 | CVE-2004-0897 | Buffer Overflow vulnerability in Microsoft Windows 2003 Server and Windows XP | The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | 10.0 |
2005-01-10 | CVE-2005-0287 | Remote Security vulnerability in Bottomline Webseries Payment Application 4.0 | Bottomline Webseries Payment Application allows remote attackers to read arbitrary files on the network via a report template with modified ReportPath or ReportName values. | 5.0 |
2005-01-10 | CVE-2005-0284 | SQL-Injection vulnerability in Woltlab Burning Book 1.0Gold/1.1.1E | SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter. | 7.5 |