Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0407 | HTML Injection vulnerability in OpenConf Paper Submission Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, allows remote attackers to inject arbitrary HTML and web script via the paper title. network zakon-group | 4.3 |
2005-05-02 | CVE-2005-0404 | KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email. | 5.0 |
2005-05-02 | CVE-2005-0402 | Unspecified vulnerability in Mozilla Firefox Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page. | 2.6 |
2005-05-02 | CVE-2005-0401 | Remote Insecure XUL Start Up Script Loading vulnerability in Mozilla Browser FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2." | 5.1 |
2005-05-02 | CVE-2005-0400 | Unspecified vulnerability in Linux Kernel The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. | 2.1 |
2005-05-02 | CVE-2005-0399 | Remote Heap Overflow vulnerability in Mozilla Firefox, Mozilla and Thunderbird Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size. | 5.1 |
2005-05-02 | CVE-2005-0397 | Unspecified vulnerability in Imagemagick Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications. | 7.5 |
2005-05-02 | CVE-2005-0396 | Local Denial of Service vulnerability in KDE Dcopserver and Desktop Communication Protocol Daemon Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process." | 2.1 |
2005-05-02 | CVE-2005-0391 | Unspecified vulnerability in Daniel DE Rauglaudre Geneweb geneweb 4.10 and earlier does not properly check file permissions and content during conversion, which allows attackers to modify arbitrary files. | 5.0 |
2005-05-02 | CVE-2005-0388 | Unspecified vulnerability in Remstats 1.0.13 Unknown vulnerability in the remoteping service in remstats 1.0.13 and earlier allows remote attackers to execute arbitrary commands "due to missing input sanitising." | 7.5 |