Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-09-13 | CVE-2005-2875 | Remote Python Code Execution vulnerability in Py2Play Object Unpickling Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes. | 7.5 |
2005-09-09 | CVE-2005-2871 | Remote Buffer Overflow vulnerability in Mozilla/Netscape/Firefox Browsers Domain Name Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec. | 7.5 |
2005-09-08 | CVE-2005-2870 | Remote Security vulnerability in SUN Solaris 10.0 Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses. | 7.5 |
2005-09-08 | CVE-2005-2867 | SQL Injection vulnerability in BlueWhaleCRM AccountID SQL injection vulnerability in BlueWhaleCRM allows remote attackers to execute arbitrary SQL commands via the Account ID field. | 7.5 |
2005-09-08 | CVE-2005-2865 | Remote Security vulnerability in Amember 2.3.4 Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3.4 allow remote attackers to execute arbitrary PHP code via the config[root_dir] parameter to (1) mysql.inc.php, (2) efsnet.inc.php, (3) theinternetcommerce.inc.php, (4) cdg.inc.php, (5) compuworld.inc.php, (6) directone.inc.php, (7) authorize_aim.inc.php, (8) beanstream.inc.php, (9) config.inc.php, (10) eprocessingnetwork.inc.php, (11) eway.inc.php, (12) linkpoint.inc.php, (13) logiccommerce.inc.php, (14) netbilling.inc.php, (15) payflow_pro.inc.php, (16) paymentsgateway.inc.php, (17) payos.inc.php, (18) payready.inc.php, or (19) plugnplay.inc.php. | 7.5 |
2005-09-08 | CVE-2005-2862 | Remote Security vulnerability in Road Runner Adsl Road Runner Modem Annexa ADSL Road Runner modem in the Annex A family has a service running on port 224, which allows remote attackers to login to the modem with a blank password and gain unauthorized access. | 7.5 |
2005-09-08 | CVE-2005-2857 | Remote Security vulnerability in Softstack Free Smtp Server 2.2 Free SMTP Server 2.2 allows remote attackers to use the server as an open mail relay (spam proxy). | 7.5 |
2005-09-08 | CVE-2005-2856 | Buffer Errors vulnerability in Winace 2.6.0.0 Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive. | 7.5 |
2005-09-08 | CVE-2005-2847 | Remote Command Execution vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.16/3.1.17 img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter. | 7.5 |
2005-09-08 | CVE-2005-2844 | Remote Buffer Overflow vulnerability in Indiatimes Messenger Indiatimes Messenger 6.0 Buffer overflow in MMClient.exe in Indiatimes Messenger 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long group name argument to the RenameGroup function in the MMClient.MunduMessenger.1 ActiveX object. | 7.5 |