Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0577 | Remote Security vulnerability in mkbold-mkitalic Format string vulnerability in DNA MKBold-MKItalic 0.06_1 and earlier allows remote attackers to execute arbitrary code via crafted BDF font files. | 5.1 |
2005-05-02 | CVE-2005-0574 | Remote Directory Traversal vulnerability in Cupidsystems CIS Webserver 3.5.13 Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary files via .. | 5.0 |
2005-05-02 | CVE-2005-0573 | Denial-Of-Service vulnerability in ROB Flynn Gaim 1.1.3 Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters. | 5.0 |
2005-05-02 | CVE-2005-0571 | Remote Security vulnerability in Punbb 1.2.1 admin_loader.php in PunBB 1.2.1 allows remote attackers to read arbitrary files via the plugin parameter. | 5.0 |
2005-05-02 | CVE-2005-0570 | Remote Input Validation vulnerability in Punbb 1.2.1 profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by setting the user's password to NULL. | 5.0 |
2005-05-02 | CVE-2005-0568 | Remote Denial Of Service vulnerability in Raven Software Soldier Of Fortune 2 Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference. | 5.0 |
2005-05-02 | CVE-2005-0558 | Unspecified vulnerability in Microsoft Word 2000/2002/2003 Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document. | 5.1 |
2005-05-02 | CVE-2005-0553 | Unspecified vulnerability in Microsoft IE and Internet Explorer Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability". | 5.1 |
2005-05-02 | CVE-2005-0549 | Unspecified vulnerability in SUN Solaris Answerbook2 1.4/1.4.2/1.4.4 Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function. network sun | 4.3 |
2005-05-02 | CVE-2005-0544 | Remote Security vulnerability in PHPmyadmin 2.6.1 phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message. | 5.0 |