Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-09-02 | CVE-2005-2777 | Remote Command Execution vulnerability in Looking Glass Looking Glass 20040427 Looking Glass 20040427 allows remote attackers to execute arbitrary commands via shell metacharacters in the DNS lookup query field. | 7.5 |
| 2005-09-02 | CVE-2005-2775 | Remote File Include vulnerability in PHPwebnotes 2.0.0 php_api.php in phpWebNotes 2.0.0 uses the extract function to modify key variables such as $t_path_core, which leads to a PHP file inclusion vulnerability that allows remote attackers to execute arbitrary PHP code via the t_path_core parameter. | 7.5 |
| 2005-09-02 | CVE-2005-2772 | Remote Buffer Overflow vulnerability in University of Minnesota Gopher 3.0.9 Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function. | 7.5 |
| 2005-09-02 | CVE-2005-2770 | Remote Security vulnerability in WRQ Reflection for Secure IT Windows Server 6.0 WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) does not properly handle when the Windows Administrator or Guest accounts are renamed after SSH key authentication has been configured, which allows remote attackers to use the original names during login. | 7.5 |
| 2005-09-02 | CVE-2005-2768 | Remote Heap Overflow vulnerability in Sophos Anti-Virus Library Visio Scanning Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length. | 7.5 |
| 2005-09-02 | CVE-2005-2767 | Remote Buffer Overflow vulnerability in Leapware Leapftp 2.7.3.600/2.7.4/2.7.4.602 Buffer overflow in LeapFTP allows remote attackers to execute arbitrary code via a long Host string in a Site Queue (.lsq) file. | 7.5 |
| 2005-09-02 | CVE-2005-1857 | Remote Syslog() Format String vulnerability in Simpleproxy Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execute arbitrary code via format string specifiers in a reply. | 7.5 |
| 2005-09-01 | CVE-2005-0403 | Unspecified vulnerability in Redhat Enterprise Linux and Enterprise Linux Desktop init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure. | 7.2 |
| 2005-08-30 | CVE-2005-2654 | Unspecified vulnerability in PHPldapadmin Project PHPldapadmin phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disable_anon_bind is set, via an HTTP request to login.php with the anonymous_bind parameter set. | 7.5 |
| 2005-08-30 | CVE-2005-2733 | Remote Arbitrary File Upload vulnerability in Alexander Palmo Simple PHP Blog 0.4.0 upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code. | 7.5 |