Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-01-10 | CVE-2004-1149 | Unspecified vulnerability in Broadcom Etrust EZ Antivirus: Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe. | 7.2 |
2005-01-10 | CVE-2004-1148 | Unspecified vulnerability in PHPmyadmin: phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter. | 5.0 |
2005-01-10 | CVE-2004-1147 | Unspecified vulnerability in PHPmyadmin: phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters. | 10.0 |
2005-01-10 | CVE-2004-1138 | Unspecified vulnerability in VIM Development Group VIM: VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu. | 7.2 |
2005-01-10 | CVE-2004-1137 | Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. | 10.0 |
2005-01-10 | CVE-2004-1136 | Denial-Of-Service vulnerability in Globalscape Cuteftp 6.0: Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service (application crash) via large replies to FTP commands. | 5.0 |
2005-01-10 | CVE-2004-1135 | Denial-Of-Service vulnerability in Ipswitch WS FTP Server 5.03: Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands. | 5.0 |
2005-01-10 | CVE-2004-1134 | Unspecified vulnerability in Microsoft W3Who.Dll: Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string. | 10.0 |
2005-01-10 | CVE-2004-1133 | Unspecified vulnerability in Microsoft W3Who.Dll: Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) allow remote attackers to inject arbitrary HTML and web script via (1) HTTP headers such as "Connection" or (2) invalid parameters whose values are echoed in the resulting error message. | 6.8 |
2005-01-10 | CVE-2004-1130 | Remote vulnerability in Youngzsoft Cmailserver 5.2.0: Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as (1) username, (2) name, or (3) comments. | 6.8 |