Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-27 | CVE-2004-0933 | Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. network low complexity archive-zip broadcom ca eset-software kaspersky-lab mcafee rav-antivirus sophos gentoo mandrakesoft suse | 7.5 |
| 2005-01-27 | CVE-2004-0932 | McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. network low complexity archive-zip broadcom ca eset-software kaspersky-lab mcafee rav-antivirus sophos gentoo mandrakesoft suse | 7.5 |
| 2005-01-27 | CVE-2004-0921 | Multiple Security vulnerability in Apple Mac OS X AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. | 7.5 |
| 2005-01-27 | CVE-2004-0892 | Unspecified vulnerability in Microsoft ISA Server, Proxy Server and Windows 2003 Server Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results. | 7.5 |
| 2005-01-27 | CVE-2004-0887 | Local Privilege Escalation vulnerability in Linux IBM S/390 Kernel SACF Instruction SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges. | 7.2 |
| 2005-01-27 | CVE-2004-0884 | Remote And Local vulnerability in Cyrus SASL The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs. | 7.2 |
| 2005-01-26 | CVE-2005-0162 | Remote Buffer Overflow vulnerability in Xelerance Corporation Openswan XAUTH/PAM Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code. | 7.2 |
| 2005-01-26 | CVE-2003-1021 | Local Command Line Buffer Overflow vulnerability in SCO scosession The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline. | 7.2 |
| 2005-01-24 | CVE-2005-0308 | Buffer Overflow vulnerability in Ursoftware W32Dasm 8.94 Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier allows remote attackers to execute arbitrary code via a large import or export function name. | 7.5 |
| 2005-01-24 | CVE-2005-0115 | Remote Buffer Overflow vulnerability in Datarescue IDA 4.7 Stack-based buffer overflow in DataRescue Interactive Disassembler (IDA) Pro 4.7 allows attackers to execute arbitrary code via a PE file with an Import Address Table containing a long import library name. | 7.5 |