Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-09-23 | CVE-2005-2701 | Heap Overflow vulnerability in Mozilla Browser/Firefox XBM Image Processing: Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag. | 7.5 |
2005-09-22 | CVE-2005-3043 | SQL Injection vulnerability in Mall23 AddItem.ASP: SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idOption_Dropdown_2 parameter. | 7.5 |
2005-09-22 | CVE-2005-3042 | Remote PAM Authentication Bypass vulnerability in Webmin / Usermin: miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return). | 7.5 |
2005-09-22 | CVE-2005-3039 | SQL Injection vulnerability in Mall23 Infopage.ASP: SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idPage parameter. | 7.5 |
2005-09-22 | CVE-2005-3034 | Authentication Bypass vulnerability in Compuware Driverstudio 2.7/3.0Beta2: Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to bypass authentication via a null session. | 7.5 |
2005-09-22 | CVE-2005-3033 | Denial-Of-Service vulnerability in Cambridge Computer Corporation Vxweb 1.1.4: Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | 7.5 |
2005-09-22 | CVE-2005-3032 | Remote Buffer Overflow vulnerability in Cambridge Computer Corporation Vxtftpsrv 1.7: Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TFTP request with a long filename argument. | 7.5 |
2005-09-22 | CVE-2005-3031 | Remote Security vulnerability in Cambridge Computer Corporation Vxftpsrv 0.9.7: Buffer overflow in vxFtpSrv 0.9.7 allows remote attackers to execute arbitrary code via a long USER name. | 7.5 |
2005-09-21 | CVE-2005-3029 | Remote Buffer Overflow vulnerability in Ahnlab V3 Virusblock 2005, V3Net and V3Pro 2004: Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to execute arbitrary code via a long filename in an ACE archive. | 7.5 |
2005-09-21 | CVE-2005-3024 | SQL-Injection vulnerability in vBulletin: Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, the (2) thread[forumid] or (3) criteria parameters to thread.php, (4) userid parameter to user.php, the (5) calendarcustomfieldid, (6) calendarid, (7) moderatorid, (8) holidayid, (9) calendarmoderatorid, or (10) calendar[0] parameters to admincalendar.php, (11) the cronid parameter to cronlog.php, (12) user[usergroupid][0] parameter to email.php, (13) help[0] parameter to help.php, the (14) limitnumber or (15) limitstart parameter to user.php, the (16) usertitleid or (17) ids parameters to usertitle.php, (18) rvt[0] parameter to language.php, (19) keep[0] parameter to phrase.php, (20) dostyleid parameter to template.php, (21) thread[forumid] parameter to thread.php, or (22) usertools.php. | 7.5 |