Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0047 | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability." | 7.2 |
| 2005-05-02 | CVE-2005-0045 | Remote Buffer Overflow vulnerability in Microsoft Windows Server Message Block Handlers The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vulnerability," and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields. | 7.5 |
| 2005-05-02 | CVE-2005-0044 | Unspecified vulnerability in Microsoft products The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." | 7.5 |
| 2005-05-02 | CVE-2005-0043 | Buffer Overflow vulnerability in Apple Itunes 4.7 Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files. | 7.5 |
| 2005-05-02 | CVE-2005-0021 | Unspecified vulnerability in University of Cambridge Exim 4.41/4.42 Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function. | 7.2 |
| 2005-05-02 | CVE-2005-0015 | Unspecified vulnerability in Crosswire Bible Society Sword 1.5.7A diatheke.pl in Sword 1.5.7a allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | 7.5 |
| 2005-05-02 | CVE-2005-0014 | Remote vulnerability in NCPFS Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client. | 7.5 |
| 2005-05-02 | CVE-2005-0013 | Remote vulnerability in NCPFS nwclient.c in ncpfs before 2.2.6 does not drop root privileges before executing utilities using the NetWare client functions, which allows local users to gain privileges. | 7.2 |
| 2005-05-02 | CVE-2005-0012 | Unspecified vulnerability in Dillo web Browser Format string vulnerability in the a_Interface_msg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page. | 7.5 |
| 2005-05-02 | CVE-2005-0005 | Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. | 7.5 |