Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-09-15 | CVE-2005-2935 | Local Security vulnerability in Microsoft AntiSpyware Unquoted Windows search path vulnerability in Microsoft AntiSpyware might allow local users to execute code via a malicious c:\program.exe file, which is run by AntiSpywareMain.exe when it attempts to execute gsasDtServ.exe. | 4.6 |
| 2005-09-15 | CVE-2005-2918 | Unspecified vulnerability in Gtkdiskfree The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the gtkdiskfree temporary file. | 5.0 |
| 2005-09-15 | CVE-2005-2495 | Numeric Errors vulnerability in Xfree86 Project Xfree86 Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image. | 5.1 |
| 2005-09-14 | CVE-2005-2916 | Remote Security vulnerability in Linksys Wrt54G 3.01.3/3.03.6/4.00.7 Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi. | 5.0 |
| 2005-09-14 | CVE-2005-2915 | Remote Security vulnerability in Linksys Wrt54G 2.04.4Nondefault/3.01.3/3.03.6 ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914. | 5.0 |
| 2005-09-14 | CVE-2005-2912 | Denial-Of-Service vulnerability in Linksys Wrt54G 3.01.3/3.03.6/4.00.7 Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value. | 5.0 |
| 2005-09-14 | CVE-2005-2904 | Remote Denial Of Service vulnerability in Zebedee 2.4.1 Zebedee 2.4.1, when "allowed redirection port" is not set, allows remote attackers to cause a denial of service (application crash) via a zero in the port number of the protocol option header, which triggers an assert error in the makeConnection function in zebedee.c. | 5.0 |
| 2005-09-14 | CVE-2005-2901 | Unspecified vulnerability in CJ Desing Cjweb2Mail 3.0 Multiple Cross-site scripting (XSS) vulnerabilities in CjWeb2Mail 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) message, or (3) ip parameter to thankyou.php or (4) emsg parameter to web2mail.php. network cj-desing | 4.3 |
| 2005-09-14 | CVE-2005-2900 | Unspecified vulnerability in CJ Desing Cjlinkout 1.0 Cross-site scripting (XSS) vulnerability in top.php in CjLinkOut 1.0 allows remote attackers to inject arbitrary web script or HTML via the 123 parameter. network cj-desing | 4.3 |
| 2005-09-14 | CVE-2005-2899 | Unspecified vulnerability in CJ Design CJ TAG Board 3.0 Multiple cross-site scripting (XSS) vulnerabilities in details.php in CjTagBoard 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date, (2) time, (3) name, (4) ip, (5) agent, or (6) msg parameter. network cj-design | 4.3 |