Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0644 | Buffer Overflow/Directory Traversal vulnerability in Mcafee Antivirus Engine 4.3.20 Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4436 allows remote attackers to execute arbitrary code via a malformed LHA file with a type 2 header file name field, a variant of CVE-2005-0643. | 7.5 |
2005-05-02 | CVE-2005-0643 | Buffer Overflow/Directory Traversal vulnerability in Mcafee Antivirus Engine 4.3.20 Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files. | 7.5 |
2005-05-02 | CVE-2005-0642 | Unspecified vulnerability in Broadcom Unicenter Asset Management 4.0 SQL injection vulnerability in the Query Designer for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to execute arbitrary SQL via an imported file. | 7.5 |
2005-05-02 | CVE-2005-0637 | Unspecified vulnerability in Openbsd 3.5/3.6 The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory. | 5.0 |
2005-05-02 | CVE-2005-0635 | Remote vulnerability in Foxmail Email Server 2.0 Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command. | 10.0 |
2005-05-02 | CVE-2005-0634 | Remote Buffer Overflow vulnerability in Kmint21 Software Golden FTP Server 1.92 Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command. | 7.5 |
2005-05-02 | CVE-2005-0627 | Local Code Execution vulnerability in Trolltech QT Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs. | 4.6 |
2005-05-02 | CVE-2005-0621 | Denial-Of-Service vulnerability in Enlight Software Scrapland 1.0 Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) by triggering an error, which is treated as a fatal error by the server, as demonstrated using (1) signed integers for size values, (2) an invalid model, (3) a "newpos" value that is less than or equal to a size value, or (4) partial packets. | 5.0 |
2005-05-02 | CVE-2005-0618 | The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network. | 6.4 |
2005-05-02 | CVE-2005-0617 | SQL-Injection vulnerability in Postnuke Software Foundation Postnuke 0.750/0.760Rc2 SQL injection vulnerability in dl-search.php in PostNuke 0.750 and 0.760-RC2 allows remote attackers to execute arbitrary SQL commands via the show parameter. | 7.5 |