Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-23 | CVE-2005-0359 | Multiple vulnerability in EMC Legato Networker The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service. | 6.4 |
2005-08-19 | CVE-2005-2624 | Remote Security vulnerability in Cpaint 1.3Sp Eval injection vulnerability in CPAINT 1.3-SP allows remote attackers to execute arbitrary ASP code via the cpaint_argument[] parameter to (1) calculator.asp or (2) cpaintfile.asp, which is directly fed into an eval statement. | 5.0 |
2005-08-19 | CVE-2005-2623 | Remote Security vulnerability in Ecw-Shop 6.0.2 ECW-Shop 6.0.2 allows remote attackers to reduce the total cost of their shopping cart by specifying a negative quantity for an item, which causes the price of the item to be subtracted from the total cost. | 5.0 |
2005-08-19 | CVE-2005-2622 | Cross-Site Scripting vulnerability in Ecw-Shop 6.0.2 Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 6.0.2 allows remote attackers to inject arbitrary web script or HTML via the (1) max or (2) ctg parameter. network ecw-shop | 4.3 |
2005-08-19 | CVE-2005-2621 | SQL-Injection vulnerability in Ecw-Shop 6.0.2 index.php in ECW-Shop 6.0.2 allows remote attackers to obtain sensitive information via the (1) min or (2) max parameter with a "'" (single quote), which reveals the path in an error message, possibly due to a SQL injection vulnerability. | 5.0 |
2005-08-19 | CVE-2005-2526 | CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection. | 5.0 |
2005-08-19 | CVE-2005-2525 | CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt). | 5.0 |
2005-08-19 | CVE-2005-2523 | Unspecified vulnerability in Apple mac OS X and Weblog Server Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. network apple | 4.3 |
2005-08-19 | CVE-2005-2522 | Unspecified vulnerability in Apple mac OS X and Safari Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file. | 5.1 |
2005-08-19 | CVE-2005-2521 | Unspecified vulnerability in Apple mac OS X 10.3.9 Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors. | 4.6 |