Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-03-03 | CVE-2005-0671 | Remote vulnerability in Ca3DE Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command. | 7.5 |
| 2005-03-02 | CVE-2005-0639 | Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files. | 7.5 |
| 2005-03-02 | CVE-2005-0638 | xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command. | 7.5 |
| 2005-03-02 | CVE-2005-0633 | Remote PNG Image File Parsing Buffer Overflow vulnerability in Cerulean Studios Trillian and Trillian PRO Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | 7.5 |
| 2005-03-02 | CVE-2005-0605 | Integer Overflow vulnerability in libXPM Bitmap_unit scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. | 7.5 |
| 2005-03-01 | CVE-2005-0623 | Remote Security vulnerability in Raidenhttpd 1.1.32 Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to execute arbitrary code via a long URL. | 7.5 |
| 2005-03-01 | CVE-2004-1051 | sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. | 7.2 |
| 2005-03-01 | CVE-2004-1038 | Local Security vulnerability in Ieee Firewire Ieee 1394 A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit. | 7.2 |
| 2005-03-01 | CVE-2004-1031 | Local vulnerability in Fcron FCronTab/FCronSighUp fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ. | 7.2 |
| 2005-03-01 | CVE-2004-1021 | Unspecified vulnerability in Apple Ical 1.5.3 iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms. | 7.5 |