Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-19 | CVE-2005-2298 | Security Bypass vulnerability in Bitdefender Engine BitDefender Engine 1.6.1 and earlier does not properly scan all attachments, which allows remote attackers to bypass virus scanning via begin and end commands in the body of the e-mail, which BitDefender treats as a uuencoded attachment and stops scanning afterwards. | 5.0 |
2005-07-19 | CVE-2005-2297 | Local Security vulnerability in EAServer Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter. | 4.6 |
2005-07-19 | CVE-2005-1530 | Remote Denial Of Service vulnerability in Sophos Anti-Virus BZip2 Archive Handling Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large 'Extra field length' value. | 5.0 |
2005-07-18 | CVE-2005-2296 | Information Disclosure vulnerability in Yabb 1.5.5C YabbSE 1.5.5c allows remote attackers to obtain sensitive information via a direct request to ssi_examples.php, which reveals the path. | 5.0 |
2005-07-18 | CVE-2005-2295 | Remote Denial of Service vulnerability in Pyrosoft INC Netpanzer 0.8 NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service (infinite loop) via a packet with a zero datablock size. | 5.0 |
2005-07-18 | CVE-2005-2293 | Incomplete Cleanup vulnerability in Oracle Forms Builder 9.0.4 Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information. | 5.5 |
2005-07-18 | CVE-2005-2291 | Information Disclosure vulnerability in Oracle Jdeveloper 10.1.2/9.0.4/9.0.5 Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information. | 4.6 |
2005-07-18 | CVE-2005-2289 | Information Disclosure vulnerability in PHPcounter 7.2 PHPCounter 7.2 allows remote attackers to obtain sensitive information via a direct request to prelims.php, which reveals the path in an error message. | 5.0 |
2005-07-18 | CVE-2005-2288 | Unspecified vulnerability in PHPcounter 7.2 Cross-site scripting (XSS) vulnerability in PHPCounter 7.2 allows remote attackers to inject arbitrary web script or HTML via the EpochPrefix parameter. network phpcounter | 4.3 |
2005-07-18 | CVE-2005-2287 | Denial-Of-Service vulnerability in Wmailserver 1.0/2.0 SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a denial of service (application crash) via a large TCP packet with a leading space, possibly triggering a buffer overflow. | 5.0 |