Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0014 | Remote vulnerability in NCPFS Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client. | 7.5 |
2005-05-02 | CVE-2005-0013 | Remote vulnerability in NCPFS nwclient.c in ncpfs before 2.2.6 does not drop root privileges before executing utilities using the NetWare client functions, which allows local users to gain privileges. | 7.2 |
2005-05-02 | CVE-2005-0012 | Unspecified vulnerability in Dillo web Browser Format string vulnerability in the a_Interface_msg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page. | 7.5 |
2005-05-02 | CVE-2005-0011 | Unspecified vulnerability in KDE 3.3/3.3.1/3.3.2 Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows. | 10.0 |
2005-05-02 | CVE-2005-0005 | Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. | 7.5 |
2005-05-02 | CVE-2005-0002 | Unspecified vulnerability in Gentoo Poppassd PAM 1.0 poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users. | 10.0 |
2005-05-02 | CVE-2005-0001 | Local Privilege Escalation vulnerability in Linux Kernel Symmetrical Multiprocessing Page Fault Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion. | 6.9 |
2005-05-02 | CVE-2001-1420 | Denial of Service vulnerability in AOL Instant Messenger 4.7 AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow. | 5.0 |
2005-05-02 | CVE-1999-1557 | Denial-Of-Service vulnerability in Ipswitch Imail 5.0 Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password. | 5.0 |
2005-05-02 | CVE-1999-1374 | Unspecified vulnerability in Arpanet Perlshop perlshop.cgi shopping cart program stores sensitive customer information in directories and files that are under the web root, which allows remote attackers to obtain that information via an HTTP request. | 5.0 |