Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-10-20 | CVE-2005-2759 | Local Privilege Escalation vulnerability in Symantec Norton Antivirus 9.0.3 ** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. | 7.2 |
2005-10-20 | CVE-2005-3263 | Remote vulnerability in RARLAB WinRAR Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name. | 7.5 |
2005-10-20 | CVE-2005-3262 | Remote vulnerability in RARLAB WinRAR Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename. | 7.5 |
2005-10-20 | CVE-2005-3259 | SQL Injection vulnerability in Versatilebulletinboard 1.0.0.Rc2 Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "search this thread" feature, (3) "search for posts" feature, (4) "forgot password" feature, (5) list parameter in userlistpre.php, and the (6) select, (7) categ, and (8) to parameters in index.php. | 7.5 |
2005-10-20 | CVE-2005-3182 | Remote Buffer Overflow vulnerability in GFI Mailsecurity 8.1 Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. | 7.5 |
2005-10-20 | CVE-2005-2971 | Remote Buffer Overflow vulnerability in KDE KOffice KWord RTF Import Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file. | 7.5 |
2005-10-18 | CVE-2005-2978 | Buffer Overflow vulnerability in NetPBM PNMToPNG pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack. | 7.5 |
2005-10-18 | CVE-2005-3252 | Remote Stack Buffer Overflow vulnerability in Sourcefire Snort 2.4.0/2.4.1/2.4.2 Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet. | 7.5 |
2005-10-14 | CVE-2005-3239 | Denial Of Service vulnerability in Clam Anti-Virus Clamav . The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function. | 7.8 |
2005-10-14 | CVE-2005-3201 | SQL Injection vulnerability in Utopia News Pro SQL injection vulnerability in news.php for Utopia News Pro (UNP) 1.1.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary SQL via the newsid parameter. | 7.5 |