Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0534 | Unspecified vulnerability in Mediawiki Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow remote attackers to inject arbitrary web script. network mediawiki | 4.3 |
2005-05-02 | CVE-2005-0533 | Heap Overflow vulnerability in Trend Micro VSAPI ARJ Handling Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. | 7.5 |
2005-05-02 | CVE-2005-0527 | Unspecified vulnerability in Mozilla Firefox 1.0 Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling." | 5.1 |
2005-05-02 | CVE-2005-0526 | Cross-Site Scripting vulnerability in Pblang 4.65 Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 allow remote attackers to inject arbitrary web script or HTML via (1) the search string to search.php, (2) the subject of a PM, which is processed by pm.php, or (3) the body of a PM, which is processed by pmpshow.php. network pblang | 4.3 |
2005-05-02 | CVE-2005-0525 | Unspecified vulnerability in PHP The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek. | 5.0 |
2005-05-02 | CVE-2005-0524 | Unspecified vulnerability in PHP The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value. | 5.0 |
2005-05-02 | CVE-2005-0523 | Remote Client-Side Format String vulnerability in ProZilla Initial Server Response Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header. | 7.5 |
2005-05-02 | CVE-2005-0522 | Unspecified vulnerability in Lionmax Software Chat Anywhere 2.72A Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges. | 4.6 |
2005-05-02 | CVE-2005-0501 | Remote Nickname Buffer Overrun vulnerability in Digipen Institute of Technology Bontago 1.1 Buffer overflow in Bontago 1.1 and earlier allows remote attackers to execute arbitrary code via a long nickname. | 7.5 |
2005-05-02 | CVE-2005-0500 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks. | 5.0 |