Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-06-14 | CVE-2005-1206 | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability." | 7.5 |
2005-06-13 | CVE-2005-1972 | SQL-Injection vulnerability in Interactivephp Fusionbb 11Beta Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username, which is not properly handled by the insertUser function, or (2) the bb_session_id value in a cookie. | 7.5 |
2005-06-13 | CVE-2005-1936 | Remote Authentication Bypass vulnerability in Xerox Document Centre ESS/Network Controller Web Server Unknown vulnerability in the web server for the ESS/ Network Controller for Xerox Document Centre 240 through 555 running System Software 27.18.017 and earlier allows attackers to "gain unauthorized access." | 7.5 |
2005-06-13 | CVE-2005-1935 | Remote Security vulnerability in Windows NT Terminal Server Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. | 7.5 |
2005-06-13 | CVE-2005-1933 | Remote Security vulnerability in Apple mac OS X 10.4 Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. | 7.5 |
2005-06-13 | CVE-2005-1760 | Information Disclosure vulnerability in RedHat Linux SysReport Proxy sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges. | 7.5 |
2005-06-13 | CVE-2005-1474 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. | 7.5 |
2005-06-13 | CVE-2005-0151 | Unspecified vulnerability in Adobe Creative Suite, Photoshop and Premiere Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges. | 7.5 |
2005-06-12 | CVE-2005-1959 | Remote Arbitrary Command Execution vulnerability in Jammail 1.8 jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute arbitrary commands via shell metacharacters in the mail parameter. | 7.5 |
2005-06-12 | CVE-2005-1957 | Improper Authentication vulnerability in Adam Mmedici File Upload Manager mtnpeak.net File Upload Manager does not properly check user authentication for certain actions, which allows remote attackers to provide a modified base64-encoded file parameter and (1) read arbitrary files via the "view" action or (2) delete arbitrary files via the del action. | 7.5 |