Vulnerabilities > Improper Input Validation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-01-24 | CVE-2006-0321 | Improper Input Validation vulnerability in Fetchmail 6.3.0/6.3.1 fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service (crash) via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster. | 5.0 |
2006-01-21 | CVE-2006-0340 | Improper Input Validation vulnerability in Cisco IOS Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. | 7.1 |
2006-01-13 | CVE-2006-0203 | Improper Input Validation vulnerability in Mini-Nuke CMS System membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter. | 5.0 |
2005-12-31 | CVE-2005-4846 | Improper Input Validation vulnerability in Spey 0.3.3 Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a syslog call. | 4.3 |
2005-12-28 | CVE-2005-4560 | Improper Input Validation vulnerability in Microsoft Windows 2003 Server and Windows XP The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com. | 7.5 |
2005-12-07 | CVE-2005-2923 | Improper Input Validation vulnerability in Ipswitch Imail Server and Ipswitch Collaboration Suite The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to cause a denial of service (crash) via a long argument to the LIST command, which causes IMail Server to reference invalid memory. | 4.0 |
2005-12-01 | CVE-2005-3946 | Improper Input Validation vulnerability in Opera Browser 8.50 Opera 8.50 allows remote attackers to cause a denial of service (crash) via a Java applet with a large string argument to the removeMember JNI method for the com.opera.JSObject class. | 5.0 |
2005-11-18 | CVE-2005-3678 | Improper Input Validation vulnerability in Google Talk Google Talk before 1.0.0.76, with email notification enabled, allows remote attackers to cause a denial of service (connection reset) via email with a blank sender. | 5.0 |
2005-11-16 | CVE-2005-3591 | Improper Input Validation vulnerability in Macromedia Flash Player Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineFunction ActionScript call in a SWF file, which causes an improper memory access condition, a different vulnerability than CVE-2005-2628. | 7.5 |
2005-11-02 | CVE-2005-3467 | Improper Input Validation vulnerability in Solarwinds Serv-U File Server Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. | 5.0 |