Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-24 | CVE-2005-1703 | Remote Denial Of Service vulnerability in Black Cactus Warrior Kings Battles 1.23 Warrior Kings: Battles 1.23 and earlier allows remote attackers to cause a denial of service (server crash) via a partial join packet that triggers a NULL pointer dereference. | 5.0 |
2005-05-24 | CVE-2005-1699 | Directory Traversal vulnerability in Postnuke Software Foundation Postnuke 0.760Rc3 Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to read arbitrary files via a .. | 4.0 |
2005-05-20 | CVE-2005-1684 | Unspecified vulnerability in Episodex Guestbook Cross-site scripting (XSS) vulnerability in default.asp for episodex guestbook allows remote attackers to inject arbitrary web script or HTML via the Name field and other fields. network episodex | 4.3 |
2005-05-20 | CVE-2005-1679 | Remote Buffer Overflow vulnerability in Picasm Error Generation Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message. | 5.1 |
2005-05-20 | CVE-2005-1676 | Unspecified vulnerability in Groove Workspace and Virtual Office Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile Workspace in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allow remote attackers to inject arbitrary web script or HTML via the (1) picture columns embedded within SharePoint lists or (2) drop-down menus in a SharePoint list. network groove | 6.8 |
2005-05-20 | CVE-2005-1675 | Information Disclosure vulnerability in Groove Workspace and Virtual Office Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information. | 4.6 |
2005-05-19 | CVE-2005-1934 | Denial of Service vulnerability in Gaim MSN Protocol Malformed Message Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error. | 5.0 |
2005-05-19 | CVE-2005-1674 | Cross-Site Request Forgery (CSRF) vulnerability in Helpcenterlive Help Center Live Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote attackers to perform actions as the administrator via a link or IMG tag to view.php. | 6.5 |
2005-05-19 | CVE-2005-1672 | Unspecified vulnerability in Ubertec Help Center Live Multiple cross-site scripting (XSS) vulnerabilities in Help Center Live allow remote attackers to inject arbitrary web script or HTML via the (1) find parameter to index.php, (2) name or (3) message field of a chat request, or (4) the message body when opening a trouble ticket. network ubertec | 4.3 |
2005-05-19 | CVE-2005-1670 | Local Security vulnerability in ExtremeWare XOS Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches running ExtremeWare XOS 11.1 before 11.1.3.3, 11.0 before 11.0.2.4, and 10.x allows remote authenticated users to execute arbitrary commands. | 4.6 |