Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-10-14 | CVE-2005-3199 | SQL Injection vulnerability in AspReady FAQ Manager Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters. | 7.5 |
| 2005-10-14 | CVE-2005-3197 | Local vulnerability in Webroot Software Desktop Firewall 1.3.0.43 Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list. | 7.2 |
| 2005-10-14 | CVE-2005-2967 | Remote CDDB Information Format String vulnerability in Xine-Lib Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD. | 7.5 |
| 2005-10-14 | CVE-2005-2661 | Remote Format String vulnerability in Up-Imapproxy 1.2.3/1.2.4 Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line. | 7.5 |
| 2005-10-13 | CVE-2005-3190 | Unspecified vulnerability in Broadcom Igateway 3.0/4.0 Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests. | 7.5 |
| 2005-10-13 | CVE-2005-3185 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username. | 7.5 |
| 2005-10-13 | CVE-2005-2943 | Local Buffer Overflow vulnerability in XMail Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option. | 7.5 |
| 2005-10-13 | CVE-2005-2933 | Buffer Overflow vulnerability in University Of Washington IMAP Mailbox Name Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely. | 7.5 |
| 2005-10-13 | CVE-2005-2963 | Authentication Bypass vulnerability in Apache Mod_Auth_Shadow The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions. | 7.5 |
| 2005-10-13 | CVE-2005-1985 | Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages. | 7.5 |