Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-01-11 | CVE-2004-0897 | Buffer Overflow vulnerability in Microsoft Windows 2003 Server and Windows XP The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | 10.0 |
2005-01-10 | CVE-2005-0287 | Remote Security vulnerability in Bottomline Webseries Payment Application 4.0 Bottomline Webseries Payment Application allows remote attackers to read arbitrary files on the network via a report template with modified ReportPath or ReportName values. | 5.0 |
2005-01-10 | CVE-2005-0284 | SQL-Injection vulnerability in Woltlab Burning Book 1.0Gold/1.1.1E SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter. | 7.5 |
2005-01-10 | CVE-2004-1314 | Unspecified vulnerability in Apple Safari Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122. | 7.5 |
2005-01-10 | CVE-2004-1313 | Local Security vulnerability in Webroot Software MY Firewall Plus 5.0 The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges. | 7.2 |
2005-01-10 | CVE-2004-1311 | Denial-Of-Service vulnerability in Mplayer 1.0Pre5 Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow. | 10.0 |
2005-01-10 | CVE-2004-1310 | Remote Security vulnerability in Mplayer 1.0Pre5 Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet. | 10.0 |
2005-01-10 | CVE-2004-1309 | Remote Security vulnerability in Mplayer Unix Mplayer 1.0Pre5 Heap-based buffer overflow in the demux_open_bmp function in demux_bmp.c for Unix MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a bitmap (BMP) file containing a large biClrUsed field. | 10.0 |
2005-01-10 | CVE-2004-1308 | Unspecified vulnerability in Libtiff Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow. | 10.0 |
2005-01-10 | CVE-2004-1304 | Buffer Overflow vulnerability in File ELF Header Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file. | 10.0 |