Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0560 | Out-Of-Bounds Write vulnerability in Microsoft Exchange Server 2000/2003 Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port. | 7.5 |
| 2005-05-02 | CVE-2005-0554 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability." | 7.5 |
| 2005-05-02 | CVE-2005-0546 | Remote Buffer Overflow vulnerability in Cyrus IMAPD Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd. | 7.5 |
| 2005-05-02 | CVE-2005-0545 | Unspecified vulnerability in Microsoft Windows 2000 and Windows XP Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Active Directory allow local users to bypass group policies that restrict access to hidden drives by using the browse feature in Office 10 applications such as Word or Excel, or using a flash drive. | 7.2 |
| 2005-05-02 | CVE-2005-0541 | Remote Security vulnerability in Cyclades Alterpath Manager 1.2.1 consoleConnect.jsp in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to connect to arbitrary consoles by modifying the consolename parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0533 | Heap Overflow vulnerability in Trend Micro VSAPI ARJ Handling Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. | 7.5 |
| 2005-05-02 | CVE-2005-0523 | Remote Client-Side Format String vulnerability in ProZilla Initial Server Response Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header. | 7.5 |
| 2005-05-02 | CVE-2005-0501 | Remote Nickname Buffer Overrun vulnerability in Digipen Institute of Technology Bontago 1.1 Buffer overflow in Bontago 1.1 and earlier allows remote attackers to execute arbitrary code via a long nickname. | 7.5 |
| 2005-05-02 | CVE-2005-0498 | Information Disclosure vulnerability in Gigafast Router Gigafast router (aka CompUSA router) allows remote attackers to gain sensitive information and bypass the login page via a direct request to backup.cfg, which reveals the administrator password in plaintext. | 7.5 |
| 2005-05-02 | CVE-2005-0497 | Local Security vulnerability in Elite System Max 9000 ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory. | 7.2 |