Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-09 | CVE-2005-1891 | Integer Underflow (Wrap or Wraparound) vulnerability in AOL AIM The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable. | 7.5 |
| 2005-06-09 | CVE-2005-1882 | Remote Security vulnerability in Yapig 0.93U/0.94U PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0.93u and 0.94u allows remote attackers to execute arbitrary PHP code via the YAPIG_PATH parameter. | 7.5 |
| 2005-06-09 | CVE-2005-1873 | Remote Security vulnerability in Crob FTP 3.6.1 Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command with a long string or (2) a globbing ("*") character followed by a long string. | 7.5 |
| 2005-06-09 | CVE-2005-1871 | Remote Security vulnerability in Drupal Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly." | 7.5 |
| 2005-06-09 | CVE-2005-1867 | Remote Security vulnerability in Brightmail Anti-Spam Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges. | 7.5 |
| 2005-06-09 | CVE-2005-1763 | Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory. | 7.2 |
| 2005-06-08 | CVE-2005-1960 | The getemails function in C.J. | 7.5 |
| 2005-06-08 | CVE-2005-1943 | SQL Injection vulnerability in Loki Download Manager Default.ASP Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) password field to default.asp or (2) cat parameter to catinfo.asp. | 7.5 |
| 2005-06-08 | CVE-2005-1941 | Incorrect Default Permissions vulnerability in Silvercity Project Silvercity SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.py with read and write world permissions, which allows local users to execute arbitrary code. | 7.8 |
| 2005-06-08 | CVE-2005-1758 | Remote vulnerability in Novell NetMail Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code. | 7.5 |