Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-03-01 | CVE-2004-0992 | Remote Format String vulnerability in Proxytunnel. Format string vulnerability in the -a option (daemon mode) in Proxytunnel before 1.2.3 allows remote attackers to execute arbitrary code via format string specifiers in an invalid proxy answer. | 10.0 |
2005-03-01 | CVE-2004-0990 | Remote Integer Overflow vulnerability in GD Graphics Library. Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941. | 10.0 |
2005-03-01 | CVE-2004-0989 | Remote Stack Buffer Overflow vulnerability in Libxml2. Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. | 10.0 |
2005-03-01 | CVE-2004-0988 | Unspecified vulnerability in Apple Quicktime. Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation. | 5.0 |
2005-03-01 | CVE-2004-0986 | Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers. | 7.5 |
2005-03-01 | CVE-2004-0983 | Denial Of Service vulnerability in Yukihiro Matsumoto Ruby CGI Module. The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. | 5.0 |
2005-02-28 | CVE-2005-0625 | Information Disclosure vulnerability in Debian Reportbug 2.60/2.61/3.2. reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd. | 2.1 |
2005-02-28 | CVE-2005-0624 | Local Security vulnerability in Debian Reportbug 2.60/2.61. reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords. | 2.1 |
2005-02-28 | CVE-2005-0619 | Information Disclosure vulnerability in Einstein. Einstein 1.0.1 stores sensitive information such as usernames and passwords in plaintext in the registry, which allows local users to gain privileges. | 2.1 |
2005-02-28 | CVE-2005-0616 | Cross-Site Scripting vulnerability in Download module for PostNuke. Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name, (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page variables. | 4.3 |