Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-03-07 | CVE-2005-0667 | Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. | 5.1 |
2005-03-07 | CVE-2005-0548 | Unspecified vulnerability in SUN Solaris Answerbook2 Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function. network sun | 4.3 |
2005-03-07 | CVE-2005-0180 | Integer Overflow vulnerability in Linux Kernel SCSI IOCTL Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions. | 3.6 |
2005-03-07 | CVE-2005-0179 | Unspecified vulnerability in Linux Kernel Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call. | 2.1 |
2005-03-06 | CVE-2005-0692 | Cross-Site Scripting vulnerability in PHP Fusion PHP Fusion 5.0 Cross-site scripting (XSS) vulnerability in fusion_core.php for PHP-Fusion 5.x allows remote attackers to inject arbitrary web script or HTML via a message with IMG bbcode containing character-encoded Javascript. network php-fusion | 4.3 |
2005-03-06 | CVE-2005-0691 | Remote Security vulnerability in SocialMPN PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote attackers to execute arbitrary PHP code by modifying the name parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2005-03-06 | CVE-2005-0687 | Denial-Of-Service vulnerability in Hashcash 1.14/1.15/1.16 Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header. | 7.5 |
2005-03-06 | CVE-2005-0681 | Remote Denial Of Service vulnerability in Nokia Series 60 Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetooth nickname. | 5.0 |
2005-03-05 | CVE-2005-0688 | Unspecified vulnerability in Microsoft Windows 2003 Server and Windows XP Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016). | 5.0 |
2005-03-05 | CVE-2005-0109 | Information Disclosure vulnerability in Multiple Vendor Hyper-Threading Technology Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | 4.7 |