Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-06-29 | CVE-2005-2071 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris 10.0 traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . | 4.6 |
2005-06-29 | CVE-2005-2070 | Remote Denial Of Service Weakness in Sendmail Milter The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading. | 5.0 |
2005-06-29 | CVE-2005-2065 | Unspecified vulnerability in Asp-Nuke 0.80 HTTP response splitting vulnerability in language_select.asp in ASP Nuke 0.80 allows remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the LangCode parameter. | 5.0 |
2005-06-29 | CVE-2005-2064 | Cross-Site Scripting vulnerability in Asp-Nuke 0.80 Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName, (3) LastName, (4) Username, (5) Password, (6) Address1, (7) Address2, (8) City, (9) ZipCode, (10) Email parameter to register.asp. | 5.0 |
2005-06-29 | CVE-2005-2063 | Cross-Site Scripting vulnerability in Active web Softwares Activebuyandsell 6.2 Multiple cross-site scripting (XSS) vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Title parameter to sendpassword.asp or (2) Keyword field in search.asp. network active-web-softwares | 4.3 |
2005-06-29 | CVE-2005-2061 | Remote Security vulnerability in UBB.threads Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte. | 5.0 |
2005-06-29 | CVE-2005-2060 | Remote Security vulnerability in UBB.threads Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the Cat parameter. | 5.0 |
2005-06-29 | CVE-2005-2059 | Cross-Site Request Forgery (CSRF) vulnerability in Ubbcentral Ubb.Threads Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag. | 6.5 |
2005-06-29 | CVE-2005-2057 | Cross-Site Scripting vulnerability in UBB.threads Multiple cross-site scripting (XSS) vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to inject arbitrary web script or HTML via the (1) Searchpage parameter to dosearch.php, (2) Number, (3) what, or (4) page parameter to newreply.php, (5) Number, (6) Board, or (7) what parameter to showprofile.php, (8) fpart or (9) page parameter to showflat.php, or (10) like parameter to showmembers.php. network ubbcentral | 6.8 |
2005-06-29 | CVE-2005-2055 | Remote Security vulnerability in RealPlayer RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers". | 5.0 |