Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-30 | CVE-2005-3906 | Privilege Escalation vulnerability in SUN JDK and JRE Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors, a different set of vulnerabilities than CVE-2005-3905. | 7.5 |
| 2005-11-30 | CVE-2005-3905 | Privilege Escalation vulnerability in SUN JDK and JRE Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors, a different vulnerability than CVE-2005-3906. | 7.5 |
| 2005-11-30 | CVE-2005-3904 | Privilege Escalation vulnerability in SUN JDK and JRE Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors. | 7.5 |
| 2005-11-29 | CVE-2005-3901 | Unspecified vulnerability in Macromedia Flash Communication Server 1.0/1.5 Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133). | 7.8 |
| 2005-11-29 | CVE-2005-3900 | Macromedia Breeze Communication Server and Breeze Live Server does 5.1 and earlier not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133). | 7.8 |
| 2005-11-29 | CVE-2005-3897 | Denial-Of-Service vulnerability in Apple Safari 2.0.2 Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function. | 7.8 |
| 2005-11-29 | CVE-2005-3896 | Unspecified vulnerability in Mozilla Mozilla allows remote attackers to cause a denial of service (CPU consumption) via a Javascript BODY onload event that calls the window function. | 7.8 |
| 2005-11-29 | CVE-2005-3893 | Unspecified vulnerability in Otrs Multiple SQL injection vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) user parameter in the Login action, and remote authenticated users via the (2) TicketID and (3) ArticleID parameters of the AgentTicketPlain action. | 7.5 |
| 2005-11-29 | CVE-2005-3891 | Unspecified vulnerability in Gadu-Gadu Instant Messenger 7.20 Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer. | 7.8 |
| 2005-11-29 | CVE-2005-3890 | Unspecified vulnerability in Gadu-Gadu Instant Messenger 7.20 Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash and configuration loss) via a page with a large number of gg: URIs. | 7.8 |