Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0571 | Remote Security vulnerability in Punbb 1.2.1 admin_loader.php in PunBB 1.2.1 allows remote attackers to read arbitrary files via the plugin parameter. | 5.0 |
| 2005-05-02 | CVE-2005-0570 | Remote Input Validation vulnerability in Punbb 1.2.1 profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by setting the user's password to NULL. | 5.0 |
| 2005-05-02 | CVE-2005-0568 | Remote Denial Of Service vulnerability in Raven Software Soldier Of Fortune 2 Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference. | 5.0 |
| 2005-05-02 | CVE-2005-0558 | Unspecified vulnerability in Microsoft Word 2000/2002/2003 Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document. | 5.1 |
| 2005-05-02 | CVE-2005-0553 | Unspecified vulnerability in Microsoft IE and Internet Explorer Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability". | 5.1 |
| 2005-05-02 | CVE-2005-0549 | Unspecified vulnerability in SUN Solaris Answerbook2 1.4/1.4.2/1.4.4 Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function. network sun | 4.3 |
| 2005-05-02 | CVE-2005-0544 | Remote Security vulnerability in PHPmyadmin 2.6.1 phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message. | 5.0 |
| 2005-05-02 | CVE-2005-0542 | Local Security vulnerability in Cyclades Alterpath Manager 1.2.1 saveUser.do in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows local users to gain privileges by setting the adminUser parameter to true. | 4.6 |
| 2005-05-02 | CVE-2005-0540 | Information Disclosure vulnerability in Cyclades Alterpath Manager 1.2.1 Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to obtain sensitive information via a direct request to the /about.html page. | 5.0 |
| 2005-05-02 | CVE-2005-0539 | Local Security vulnerability in IBM Hardware Management Console 4.1/4.2 Unknown vulnerability in IBM Hardware Management Console (HMC) before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard. | 4.6 |