Weekly Vulnerabilities Reports > June 13 to 19, 2005
Overview
74 new vulnerabilities reported during this period, including 2 critical vulnerabilities and 30 high severity vulnerabilities. This weekly summary report vulnerabilities in 87 products from 42 vendors including Microsoft, Apple, SUN, Ultimate PHP Board, and PHP Arena. Vulnerabilities are notably categorized as "Cross-site Scripting", "Code Injection", "Open Redirect", "Information Exposure", and "XXE".
- 67 reported vulnerabilities are remotely exploitables.
- 5 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 74 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 13 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
2 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-06-17 | CVE-2005-2023 | Suse | Remote Security vulnerability in Suse Linux 9.3 The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail. | 10.0 |
2005-06-14 | CVE-2005-1208 | Microsoft | Remote Code Execution vulnerability in Microsoft Windows HTML Help Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer. | 10.0 |
30 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-06-18 | CVE-2005-0773 | Symantec Veritas | Remote Agent for Windows Servers Authentication Buffer Overflow vulnerability in Veritas Backup Exec Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument. | 7.5 |
2005-06-17 | CVE-2005-2029 | Amarok | Remote Security vulnerability in Amarok web Frontend 1.3 amaroK Web Frontend 1.3 stores the globals.inc file under the web root without a .php extension and insufficient access control, which allows remote attackers to obtain the database username and password via a direct request to the file. | 7.5 |
2005-06-16 | CVE-2005-2036 | Cool Cafe Chat | Information Exposure vulnerability in Cool Cafe Chat Cool Cafe Chat 1.2.1 modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the administrator password and email address via a modified nickname value. | 7.5 |
2005-06-16 | CVE-2005-2035 | Cool Cafe Chat | SQL Injection vulnerability in Cool Cafe Chat Cool Cafe Chat 1.2.1 SQL injection vulnerability in login.asp for Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to execute arbitrary SQL commands via the password. | 7.5 |
2005-06-16 | CVE-2005-2031 | Socialmpn | SQL-Injection vulnerability in SocialMPN Multiple SQL injection vulnerabilities in socialMPN allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter to article.php, (2) uname parameter to user.php, (3) siteid parameter to viewforum.php, (4) username parameter to newtopic.php, the (5) secid or (6) artid parameter to sections.php, (7) siteid parameter to index.php, or (8) sid parameter to friend.php. | 7.5 |
2005-06-16 | CVE-2005-2026 | Enterasys | Remote Security vulnerability in Vertical Horizon VH-2402S 2.05.00/2.05.08.01/2.05.09.07 Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 has a hard-coded account and password for debugging, which allows remote attackers to gain privileges. | 7.5 |
2005-06-16 | CVE-2005-1971 | Interactivephp | Directory Traversal vulnerability in Interactivephp Fusionbb 11Beta Directory traversal vulnerability in InteractivePHP FusionBB .11 Beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the language parameter. | 7.5 |
2005-06-16 | CVE-2005-1967 | Early Impact | SQL-Injection vulnerability in Productcart Ecommerce Multiple SQL injection vulnerabilities in ProductCart Ecommerce before 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) idcategory parameter to viewPrd.asp, (2) lid parameter to editCategories.asp, (3) icd parameter to modCustomCardPaymentOpt.asp, or (4) idccr parameter to OptionFieldsEdit.asp. | 7.5 |
2005-06-16 | CVE-2005-1965 | Glen Campbell | Code Injection vulnerability in Glen Campbell Siteframe PHP remote file inclusion vulnerability in siteframe.php for Broadpool Siteframe allows remote attackers to execute arbitrary code via a URL in the LOCAL_PATH parameter. | 7.5 |
2005-06-16 | CVE-2005-1952 | Pico Server | Remote Security vulnerability in Pico Server Pico Server 3.3 Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. | 7.5 |
2005-06-16 | CVE-2005-1721 | Apple | Unspecified vulnerability in Apple AFP Server Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code. | 7.5 |
2005-06-16 | CVE-2005-1475 | Opera | Open Redirect vulnerability in Opera Browser The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect. | 7.5 |
2005-06-15 | CVE-2005-2002 | Mambo | SQL Injection vulnerability in Mambo Open Source Com_Contents SQL injection vulnerability in content.php in Mambo 4.5.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_rating parameter. | 7.5 |
2005-06-15 | CVE-2005-2000 | PHP Arena | SQL-Injection vulnerability in paFileDB Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the formname parameter (1) in the login form, (2) in the team login form, or (3) to auth.php, (4) select, (5) id, or (6) query parameter to pafiledb.php, or (7) string parameter to search.php. | 7.5 |
2005-06-15 | CVE-2005-1306 | Adobe | XXE vulnerability in Adobe Acrobat and Acrobat Reader The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability." | 7.5 |
2005-06-14 | CVE-2005-1216 | Microsoft | Unspecified vulnerability in Microsoft ISA Server 2000 Microsoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS protocol via a NetBIOS connection with an ISA Server that uses the NetBIOS (all) predefined packet filter. | 7.5 |
2005-06-14 | CVE-2005-1215 | Microsoft | Unspecified vulnerability in Microsoft ISA Server 2000 Microsoft ISA Server 2000 allows remote attackers to poison the ISA cache or bypass content restriction policies via a malformed HTTP request packet containing multiple Content-Length headers. | 7.5 |
2005-06-14 | CVE-2005-1213 | Microsoft | Buffer Overflow vulnerability in Microsoft Outlook Express NNTP Response Parsing Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field. | 7.5 |
2005-06-14 | CVE-2005-1212 | Microsoft | Buffer Overflow vulnerability in Microsoft Step-By-Step Interactive Training Bookmark Link Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. | 7.5 |
2005-06-14 | CVE-2005-1206 | Microsoft | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability." | 7.5 |
2005-06-13 | CVE-2005-1972 | Interactivephp | SQL-Injection vulnerability in Interactivephp Fusionbb 11Beta Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username, which is not properly handled by the insertUser function, or (2) the bb_session_id value in a cookie. | 7.5 |
2005-06-13 | CVE-2005-1936 | Xerox | Remote Authentication Bypass vulnerability in Xerox Document Centre ESS/Network Controller Web Server Unknown vulnerability in the web server for the ESS/ Network Controller for Xerox Document Centre 240 through 555 running System Software 27.18.017 and earlier allows attackers to "gain unauthorized access." | 7.5 |
2005-06-13 | CVE-2005-1935 | Microsoft | Remote Security vulnerability in Windows NT Terminal Server Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. | 7.5 |
2005-06-13 | CVE-2005-1933 | Apple | Remote Security vulnerability in Apple mac OS X 10.4 Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. | 7.5 |
2005-06-13 | CVE-2005-1760 | Redhat | Information Disclosure vulnerability in RedHat Linux SysReport Proxy sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges. | 7.5 |
2005-06-13 | CVE-2005-1474 | Apple | Unspecified vulnerability in Apple mac OS X and mac OS X Server Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. | 7.5 |
2005-06-13 | CVE-2005-0151 | Adobe | Unspecified vulnerability in Adobe Creative Suite, Photoshop and Premiere Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges. | 7.5 |
2005-06-16 | CVE-2005-1970 | Symantec | Local Privileged Command Execution vulnerability in Symantec PCAnywhere Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature. | 7.2 |
2005-06-16 | CVE-2005-1722 | Apple | Unspecified vulnerability in Apple mac OS X and mac OS X Server Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions. | 7.2 |
2005-06-14 | CVE-2005-1207 | Microsoft | Unspecified vulnerability in Microsoft Windows 2003 Server and Windows XP Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters. | 7.2 |
38 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-06-16 | CVE-2005-1669 | Opera | Cross-site Scripting vulnerability in Opera Browser Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains. | 6.8 |
2005-06-19 | CVE-2005-2007 | Edgewall Software | Directory Traversal vulnerability in Trac Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier allows remote attackers to read or write arbitrary files via a .. | 6.4 |
2005-06-16 | CVE-2005-1974 | SUN | Privilege Escalation vulnerability in Sun Java Runtime Environment Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges. | 5.1 |
2005-06-16 | CVE-2005-1973 | SUN | Privilege Escalation vulnerability in Sun Java Web Start Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges. | 5.1 |
2005-06-14 | CVE-2005-1214 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. | 5.1 |
2005-06-14 | CVE-2005-1211 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 6.0.2900 Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file. | 5.1 |
2005-06-19 | CVE-2005-2039 | Nanoblogger | Remote Security vulnerability in Nanoblogger 3.1 Unknown vulnerability in "various plugins" for NanoBlogger 3.2.1 and earlier allows remote attackers to execute arbitrary commands. | 5.0 |
2005-06-17 | CVE-2005-2043 | Xampp | Directory Traversal vulnerability in XAMMP Directory traversal vulnerability in XAMPP before 1.4.14 allows remote attackers to inject arbitrary HTML and PHP code via lang.php. | 5.0 |
2005-06-17 | CVE-2005-2024 | Vipul | Denial Of Service vulnerability in Vipul Razor-Agents 2.70/2.71/2.72 Vipul Razor Agents (razor-agents) before 2.70 allows remote attackers to cause a denial of service via (1) certain "unusual HTML messages" or (2) "certain malformed headers" such as Content-Type. | 5.0 |
2005-06-17 | CVE-2005-2008 | Yaws | Remote Security vulnerability in Webserver Yaws Webserver 1.55 and earlier allows remote attackers to obtain the source code for yaws scripts via a request to a yaw script with a trailing %00 (null). | 5.0 |
2005-06-17 | CVE-2005-2006 | Jboss | Remote Information Disclosure vulnerability in JBoss Malformed HTTP Request JBOSS 3.2.2 through 3.2.7 and 4.0.2 allows remote attackers to obtain sensitive information via a GET request (1) with a "%." (percent dot), which reveals the installation path or (2) with a % (percent) before a filename, which reveals the contents of the file. | 5.0 |
2005-06-17 | CVE-2005-2004 | Ultimate PHP Board | Cross-Site Scripting vulnerability in Ultimate PHP Board Multiple cross-site scripting vulnerabilities in Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ref parameter to login.php, (2) id or (3) page parameter to viewtopic.php, id parameter to (4) profile.php, (5) newpost.php, (6) email.php, (7) icq.php, or (8) aol.php, (9) t_id parameter to newpost.php, (10) ref parameter to getpass.php, or (11) sText parameter to search.php. | 5.0 |
2005-06-16 | CVE-2005-2030 | Ultimate PHP Board | Weak Password Encryption vulnerability in Ultimate PHP Board Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows attackers to easily decrypt the passwords and gain privileges, possibly after exploiting CVE-2005-2005 to obtain users.dat. | 5.0 |
2005-06-16 | CVE-2005-2027 | Enterasys | Information Disclosure vulnerability in Vertical Horizon VH-2402S 2.05.00/2.05.08.01/2.05.09.07 Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does not properly restrict certain debugging commands to the ADMIN account, which could allow attackers to obtain sensitive information or modify the registry. | 5.0 |
2005-06-16 | CVE-2005-2005 | Ultimate PHP Board | Information Disclosure vulnerability in Ultimate PHP Board Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier stores the users.dat file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information on registered users via a direct request to db/users.dat. | 5.0 |
2005-06-16 | CVE-2005-2003 | Ultimate PHP Board | Information Disclosure vulnerability in Ultimate PHP Board Ultimate PHP Board 1.9.6Gold Ultimate PHP Board (UPB) 1.9.6 GOLD allows remote attackers to obtain sensitive information via an invalid (zero) id parameter to (1) viewtopic.php, (2) profile.php, or (3) newpost.php, which reveals the path in an error message. | 5.0 |
2005-06-16 | CVE-2005-1963 | Cerberus | Information Disclosure vulnerability in Cerberus Helpdesk 0.97.3 Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive information via certain requests to (1) reports.php, (2) knowledgebase.php, or (3) configuration.php, which leaks the information in a PHP error message. | 5.0 |
2005-06-16 | CVE-2005-1954 | Singapore | Information Disclosure vulnerability in Singapore 0.9.11 singapore 0.9.11 allows remote attackers to obtain sensitive information via a direct request to (1) admin.class.php, (2) any .tpl.php file in templates/admin_default/, or (3) any .tpl.php file in templates/default/, which reveal the path in an error message. | 5.0 |
2005-06-16 | CVE-2005-1951 | Oscommerce | HTTP Response Splitting vulnerability in osCommerce Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php. | 5.0 |
2005-06-16 | CVE-2005-1269 | ROB Flynn | Denial of Service vulnerability in Gaim Yahoo! Protocol Support File Download Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name. | 5.0 |
2005-06-15 | CVE-2005-2041 | Hauri | Remote Security vulnerability in Hauri Virobot Linux Server 2.0 Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID cookie (HTTP_COOKIE). | 5.0 |
2005-06-15 | CVE-2005-2001 | PHP Arena | Directory Traversal vulnerability in paFileDB Directory traversal vulnerability in pafiledb.php in paFileDB 3.1 and earlier allows remote attackers to include arbitrary files via a .. | 5.0 |
2005-06-15 | CVE-2005-1998 | Mcgallery | Unspecified vulnerability in Mcgallery 1.1 Directory traversal vulnerability in admin.php in McGallery 1.1 allows remote attackers to read arbitrary files via a .. | 5.0 |
2005-06-15 | CVE-2005-1997 | Mcgallery | Information Disclosure vulnerability in Mcgallery 1.1 show.php in McGallery 1.1 allows remote attackers to connect to arbitrary databases, or gain sensitive information by triggering an error, via a modified host parameter. | 5.0 |
2005-06-15 | CVE-2005-1996 | Bitrix | Code Injection vulnerability in Bitrix Site Manager PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote attackers to execute arbitrary PHP code via the _SERVER[DOCUMENT_ROOT] parameter. | 5.0 |
2005-06-15 | CVE-2005-1995 | Bitrix | Information Disclosure vulnerability in Bitrix Site Manager Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive information via direct request to (1) subscr_form.php or (2) dbquery_error.php, which reveals the path in an error message. | 5.0 |
2005-06-14 | CVE-2005-1994 | Finjan Software | Remote Security vulnerability in Surfingate Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e". | 5.0 |
2005-06-14 | CVE-2005-1205 | Microsoft | Remote Information Disclosure vulnerability in Multiple Vendor Telnet Client The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. | 5.0 |
2005-06-14 | CVE-2005-0488 | Microsoft MIT SUN | Remote Information Disclosure vulnerability in Multiple Vendor Telnet Client Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. | 5.0 |
2005-06-13 | CVE-2005-1473 | Apple | Unspecified vulnerability in Apple mac OS X 10.4.1 SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field. | 4.6 |
2005-06-17 | CVE-2005-2022 | SUN | Cross-Site Scripting vulnerability in SUN Iplanet Messaging Server and ONE Messaging Server Unknown vulnerability in Webmail in iPlanet Messaging Server 5.2 Patch 1 and Sun ONE Messaging Server 6.2 allows remote attackers to execute arbitrary Javascript, possibly due to a cross-site scripting (XSS) vulnerability. | 4.3 |
2005-06-16 | CVE-2005-2044 | Adaptive Technology Resource Centre | Cross-Site Scripting vulnerability in ATutor Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.3 and 1.5 RC 1 allow remote attackers to inject arbitrary web script or HTML via the (1) show_course parameter to browse.php, (2) subject parameter to contact.php, (3) cid parameter to content.php, (4) l parameter to inbox/send_message.php, the (5) search, (6) words, (7) include, (8) find_in, (9) display_as, or (10) search parameter to search.php, the (11) submit, (12) query, or (13) field parameter to tile.php, the (14) us parameter to forum/subscribe_forum.php, or the (15) roles[], (16) status, (17) submit, or (18) reset_filter parameters to directory.php. | 4.3 |
2005-06-16 | CVE-2005-2042 | Ajax Spell | Unspecified vulnerability in Ajax-Spell Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 allows remote attackers to inject arbitrary web script or HTML via onmouseover or other events in HTML tags. | 4.3 |
2005-06-16 | CVE-2005-1975 | Annuaire | HTML Injection vulnerability in Annuaire 1Two 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter to index.php, or the (2) site_id, (3) nom, (4) email, or (5) commentaire parameters in commentaires.php. | 4.3 |
2005-06-16 | CVE-2005-1962 | Cerberus | Cross-Site Scripting vulnerability in Cerberus Helpdesk 0.97.3 Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php. | 4.3 |
2005-06-16 | CVE-2005-1769 | Squirrelmail | Unspecified vulnerability in Squirrelmail Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in (1) the URL or (2) an e-mail message. | 4.3 |
2005-06-15 | CVE-2005-1999 | PHP Arena | Cross-Site Scripting vulnerability in PHP Arena Pafiledb 3.1 Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in paFileDB 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sortby or (2) filelist parameters to the category action (category.php), or (3) pages parameter in the viewall action (viewall.php). | 4.3 |
2005-06-14 | CVE-2005-0563 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Exchange Server 5.5 Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("javAsc
ript:") in an IMG tag. | 4.3 |
4 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-06-14 | CVE-2005-1937 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Mozilla A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718. | 2.6 |
2005-06-16 | CVE-2005-2032 | SUN | Arbitrary Local File Overwrite vulnerability in Sun LPAdmin Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files. | 2.1 |
2005-06-16 | CVE-2005-1720 | Apple | Unspecified vulnerability in Apple AFP Server AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL. | 2.1 |
2005-06-16 | CVE-2005-1265 | Linux | Local Denial Of Service vulnerability in Linux Kernel 2.6.10 The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash). | 2.1 |