Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2005-12-31 | CVE-2005-2464 | Security Bypass vulnerability in Pcxp Toppe CMS Pcxp Toppe CMS 1.15/2 | login.php in PCXP/TOPPE CMS allows remote attackers to bypass authentication and gain privileges by modifying the cookie to match the target userid. | 7.5 |
2005-12-31 | CVE-2005-2342 | Denial Of Service vulnerability in Blackberry Enterprise Server Router SRP Packet | Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets. | 7.8 |
2005-12-31 | CVE-2005-2341 | Buffer Errors vulnerability in RIM products | Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file. | 7.5 |
2005-12-31 | CVE-2005-2340 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime | Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field. | 7.5 |
2005-12-31 | CVE-2005-2315 | Remote Security vulnerability in dnrd | Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to execute arbitrary code via a large number of large DNS packets with the Z and QR flags cleared. | 7.5 |
2005-12-31 | CVE-2005-1528 | Local Privilege Escalation and Denial Of Service vulnerability in QNX Rtos 6.2.1 | Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local users to load arbitrary libraries via a LD_LIBRARY_PATH environment variable that references a malicious library. | 7.2 |
2005-12-30 | CVE-2005-4587 | Remote Denial of Service vulnerability in Juniper NetScreen-Security Manager 2004 | Juniper NetScreen-Security Manager (NSM) 2004 FP2 and FP3 allow remote attackers to cause a denial of service (crash or hang of server components that are automatically restarted) via a long crafted string on (1) port 7800 (the GUI Server port) or (2) port 7801 (the Device Server port). | 7.8 |
2005-12-30 | CVE-2005-4586 | SQL Injection vulnerability in PHPsurveyor 0.99 | Multiple SQL injection vulnerabilities in PHPSurveyor before 0.991 allow remote attackers to execute arbitrary SQL commands via the (1) sql parameter in browse.php and the (2) sid, (3) lid, (4) gid, and (5) token parameters in certain PHP scripts. | 7.5 |
2005-12-29 | CVE-2005-4582 | Remote Security vulnerability in Scott Draves Electric Sheep 2.6.3 | Electric Sheep 2.6.3 does not require authentication or integrity checks from the server to the client, which allows remote attackers to download and display arbitrary MPEG movie files via (1) DNS spoofing, (2) a URL on the command line, or (3) a URL in the configuration file. | 7.5 |
2005-12-29 | CVE-2005-4578 | Input Validation vulnerability in Hitachi Business Logic | Multiple SQL injection vulnerabilities in Hitachi Business Logic - Container (BLC) P-2443-9114 01-00 through 02-06 on Windows, and P-1M43-9111 01-01 through 02-00 on AIX, allow remote attackers to execute arbitrary SQL commands via unknown attack vectors in an unspecified input form. | 7.5 |