Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0173 | Authentication Bypass vulnerability in Squid Proxy squid_ldap_auth: squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server. | 7.5 |
2005-05-02 | CVE-2005-0158 | Unspecified vulnerability in Bidwatcher: Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses. | 7.5 |
2005-05-02 | CVE-2005-0147 | Unspecified vulnerability in Mozilla Firefox and Mozilla: Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials. | 7.5 |
2005-05-02 | CVE-2005-0140 | Remote Buffer Overflow vulnerability in Peid 0.92: Buffer overflow in PeID allows attackers to execute arbitrary code via a PE file with an Import Address Table containing a long import library name. | 7.5 |
2005-05-02 | CVE-2005-0126 | Remote Buffer Overflow vulnerability in Apple ColorSync ICC Header: ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap. | 7.5 |
2005-05-02 | CVE-2005-0091 | Multiple vulnerability in Red Hat Enterprise Linux Kernel: Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls. | 7.2 |
2005-05-02 | CVE-2005-0088 | Information Disclosure vulnerability in Apache mod_python Module Publisher Handler: The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL. | 7.5 |
2005-05-02 | CVE-2005-0086 | Unspecified vulnerability in Redhat Enterprise Linux and Enterprise Linux Desktop: Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale. | 7.5 |
2005-05-02 | CVE-2005-0076 | Unspecified vulnerability in Debian Linux 3.0: Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library. | 7.2 |
2005-05-02 | CVE-2005-0070 | Local File Disclosure vulnerability in Synaesthesia: Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files. | 7.2 |