Weekly Vulnerabilities Reports > August 1 to 7, 2005
Overview
75 new vulnerabilities reported during this period, including 2 critical vulnerabilities and 23 high severity vulnerabilities. This weekly summary report vulnerabilities in 67 products from 59 vendors including Opera, Beehive Forum, Website Baker, Astalavista IT Engineering, and Linux. Vulnerabilities are notably categorized as "Improper Restriction of Rendered UI Layers or Frames", "Cross-site Scripting", "Improper Locking", and "Improper Input Validation".
- 64 reported vulnerabilities are remotely exploitables.
- 1 reported vulnerabilities have public exploit available.
- 1 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 74 reported vulnerabilities are exploitable by an anonymous user.
- Opera has the most reported vulnerabilities, with 3 reported vulnerabilities.
- Ares has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
2 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-08-03 | CVE-2005-2425 | Ares | Remote Buffer Overflow vulnerability in Ares Fileshare 1.1 Stack-based buffer overflow in Ares FileShare 1.1 allows remote attackers or local users to execute arbitrary code via a (1) long history parameter in the configuration file (ares.conf) or (2) long search string. | 10.0 |
2005-08-03 | CVE-2005-2420 | Ftplocate | Remote Command Execution vulnerability in FTPLocate flsearch.pl in FtpLocate 2.02 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP GET request. | 10.0 |
23 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-08-07 | CVE-2005-2489 | WEB Content Management | Unspecified vulnerability in web Content Management web Content Management News System Web Content Management News System allows remote attackers to create arbitrary accounts and gain privileges via a direct request to Admin/Users/AddModifyInput.php. | 7.5 |
2005-08-07 | CVE-2005-2486 | Portailphp | SQL Injection vulnerability in Portailphp 2.4 SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701. | 7.5 |
2005-08-07 | CVE-2005-2484 | Denora IRC Stats | Remote Buffer Overflow vulnerability in Denora IRC Stats Denora IRC Stats 1.0 Buffer overflow in the rdb_query function for Denora IRC Stats 1.0 might allow attackers to execute arbitrary code. | 7.5 |
2005-08-07 | CVE-2005-2483 | Karrigell | Unspecified vulnerability in Karrigell Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script. | 7.5 |
2005-08-05 | CVE-2005-2478 | Silver Scripts | SQL Injection vulnerability in Silver-Scripts Silvernews 2.0.3 SQL injection vulnerability in SilverNews 2.0.3 allows remote attackers to execute arbitrary SQL commands via the user field on the login page in the Admin control panel. | 7.5 |
2005-08-05 | CVE-2005-2473 | Churchinfo | SQL Injection vulnerability in ChurchInfo Multiple SQL injection vulnerabilities in ChurchInfo allow remote attackers to execute arbitrary SQL commands via the PersonID parameter to (1) PersonView.php, (2) MemberRoleChange.php, (3) PropertyAssign.php, (4) WhyCameEditor.php, (5) GroupPropsEditor.php, (6) Reports/PDFLabel.php, or (7) UserDelete.php, (8) DepositSlipID parameter to DepositSlipEditor.php, (9) QueryID parameter to QueryView.php, GroupID parameter to (10) GroupView.php, (11) GroupMemberList.php, (12) MemberRoleChange.php, (13) GroupDelete.php, (14) /Reports/ClassAttendance.php, or (15) /Reports/GroupReport.php, (16) PropertyID parameter to PropertyEditor.php, FamilyID parameter to (17) Canvas05Editor.php, (18) CanvasEditor.php, or (19) FamilyView.php, or (20) PledgeID parameter to PledgeDetails.php. | 7.5 |
2005-08-05 | CVE-2005-2471 | Netpbm | Unspecified vulnerability in Netpbm 2.10.0.8 pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands. | 7.5 |
2005-08-05 | CVE-2005-1854 | Debian | Remote Command Execution vulnerability in Debian Apt-Cacher 0.9.4/0.9.9 Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server. | 7.5 |
2005-08-05 | CVE-2005-1272 | Broadcom CA | Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050. | 7.5 |
2005-08-03 | CVE-2005-2450 | Clam Anti Virus | Integer Overflow vulnerability in Clam Anti-Virus Clamav 0.85/0.85.1/0.86 Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message. | 7.5 |
2005-08-03 | CVE-2005-2445 | Early Impact | SQL Injection vulnerability in Early Impact Product Cart 2.6 SQL injection vulnerability in viewPrd.asp in Product Cart 2.6 allows remote attackers to execute arbitrary SQL commands via the idcategory parameter. | 7.5 |
2005-08-03 | CVE-2005-2440 | Thomson Netg | SQL Injection vulnerability in Thomson Netg web Skill Vantage Manager 2.5 SQL injection vulnerability in login.asp in Thomson Web Skill Vantage Manager allows remote attackers to execute arbitrary SQL commands via the svmPassword parameter. | 7.5 |
2005-08-03 | CVE-2005-2439 | Usebb | SQL Injection vulnerability in UseBB Search SQL injection vulnerability in UseBB 0.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search function. | 7.5 |
2005-08-03 | CVE-2005-2432 | Tincan | SQL Injection vulnerability in PHPList Admin Page SQL injection vulnerability in PhpList allows remote attackers to modify SQL statements via the id argument to admin pages such as (1) members or (2) admin. | 7.5 |
2005-08-03 | CVE-2005-2424 | Siemens | Denial Of Service vulnerability in Siemens Santis 50 4.2.8.0 The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the interface to freeze. | 7.5 |
2005-08-03 | CVE-2005-2421 | Beehive Forum | SQL Injection vulnerability in Beehive Forum Webtag Multiple SQL injection vulnerabilities in index.php and other pages in Beehive Forum allow remote attackers to execute arbitrary SQL commands via the webtag parameter. | 7.5 |
2005-08-03 | CVE-2005-2419 | ECI Telecom | Unspecified vulnerability in ECI Telecom B-Focus Router 312 B-FOCuS Router 312+ allows remote attackers to bypass authentication and gain unauthorized access via a direct request to firmwarecfg. | 7.5 |
2005-08-03 | CVE-2005-2415 | Astalavista IT Engineering | Input Validation vulnerability in Contrexx Multiple SQL injection vulnerabilities in Contrexx before 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) value parameter to the poll module or (2) pId parameter to the gallery module. | 7.5 |
2005-08-03 | CVE-2005-2346 | Novell | Unspecified vulnerability in Novell Groupwise 6.5 Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section. | 7.5 |
2005-08-02 | CVE-2005-2079 | Symantec Veritas | Remote Heap Overflow vulnerability in Veritas Backup Exec Admin Plus Pack Option Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 for Windows Servers allows remote attackers to execute arbitrary code. | 7.5 |
2005-08-01 | CVE-2005-2410 | Gnome | Unspecified vulnerability in Gnome Networkmanager 0.1/0.3.1/0.4 Format string vulnerability in the nm_info_handler function in Network Manager may allow remote attackers to execute arbitrary code via format string specifiers in a Wireless Access Point identifier, which is not properly handled in a syslog call. | 7.5 |
2005-08-01 | CVE-2005-2409 | Nbsmtp | Remote Format String vulnerability in No-Brainer SMTP Client Log_Msg() Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog call. | 7.5 |
2005-08-03 | CVE-2005-1853 | University OF Minnesota | Unspecified vulnerability in University of Minnesota Gopher 3.0.5 gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges. | 7.2 |
40 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-08-04 | CVE-2005-2456 | Linux Debian | Improper Locking vulnerability in multiple products Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock->sk_policy array. | 5.5 |
2005-08-01 | CVE-2005-2411 | Tdiary | Cross-Site Request Forgery vulnerability in Tdiary 2.1.1 Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user. | 5.1 |
2005-08-01 | CVE-2005-2407 | Opera | Improper Restriction of Rendered UI Layers or Frames vulnerability in Opera Browser A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on the "Run" button, aka "link hijacking". | 5.1 |
2005-08-07 | CVE-2005-2482 | Metasploit | Unspecified vulnerability in Metasploit Framework The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option (defanged mode), allows attackers to modify temporary environment variables before the "_Defanged" environment option is checked when processing the Exploit command. | 5.0 |
2005-08-05 | CVE-2005-2481 | Macromedia | Information Disclosure vulnerability in Macromedia Coldfusion Fusebox 4.1.0 ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive information via an invalid fuseaction parameter, which leaks the full server path in an error message, as demonstrated using the "?" (question mark) character. | 5.0 |
2005-08-05 | CVE-2005-2479 | Pablo Software Solutions | Denial of Service vulnerability in Pablo Software Solutions Quick N Easy FTP Server 3.0 Quick 'n Easy FTP Server 3.0 allows remote attackers to cause a denial of service (application crash or CPU consumption) via a long USER command. | 5.0 |
2005-08-05 | CVE-2005-2477 | Naxtor | SQL Injection vulnerability in Naxtor Shopping Cart 1.0 shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a "'" (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability. | 5.0 |
2005-08-05 | CVE-2005-2474 | Churchinfo | Denial-Of-Service vulnerability in ChurchInfo ChurchInfo allows remote attackers to execute obtain sensitive information via the PersonID parameter to (1) PersonView.php, (2) MemberRoleChange.php, (3) PropertyAssign.php, (4) WhyCameEditor.php, (5) GroupPropsEditor.php, (6) Reports/PDFLabel.php, or (7) UserDelete.php, an invalid Number parameter to (8) SelectList.php or (9) SelectDelete.php, GroupID parameter to (10) GroupView.php, (11) GroupMemberList.php, (12) MemberRoleChange.php, (13) GroupDelete.php, (14) /Reports/ClassAttendance.php, or (15) /Reports/GroupReport.php, (16) PropertyID parameter to PropertyEditor.php, FamilyID parameter to (17) Canvas05Editor.php, (18) CanvasEditor.php, or (19) FamilyView.php, or (20) PledgeID parameter to PledgeDetails.php, which reveal the path in an error message. | 5.0 |
2005-08-05 | CVE-2005-2472 | Netcplus | Remote Buffer Overflow vulnerability in Netcplus Businessmail 4.60.00 Multiple buffer overflows in BusinessMail 4.60.00 allow remote attackers to cause a denial of service (application crash) via a long string to SMTP (1) HELO or (2) MAIL FROM commands. | 5.0 |
2005-08-05 | CVE-2005-2359 | Freebsd | Authentication Constant Key Usage vulnerability in BSD IPsec Session AES-XCBC-MAC The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session. | 5.0 |
2005-08-04 | CVE-2005-2455 | Greasemonkey | Remote Information Disclosure vulnerability in Greasemonkey 0.3.3 Greasemonkey before 0.3.5 allows remote web servers to (1) read arbitrary files via a GET request to a file:// URL in the GM_xmlhttpRequest API function, (2) list installed scripts using GM_scripts, or obtain sensitive information via (3) GM_setValue and GM_getValue. | 5.0 |
2005-08-03 | CVE-2005-2452 | Libtiff | Denial of Service vulnerability in Libtiff 3.5.5/3.5.7/3.6.1 libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804. | 5.0 |
2005-08-03 | CVE-2005-2448 | EKG | Memory Alignment Remote Denial of Service vulnerability in EKG Libgadu Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems. | 5.0 |
2005-08-03 | CVE-2005-2443 | Kshout | Information Disclosure vulnerability in Kshout Kshout 2.x and 3.x stores settings.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords. | 5.0 |
2005-08-03 | CVE-2005-2442 | SPI Dynamics | Unspecified vulnerability in SPI Dynamics Webinspect 5.0.196 Cross-Application Scripting (XAS) vulnerability in SPI Dynamics WebInspect 5.0.196 allows remote attackers to inject Javascript from one application into another. | 5.0 |
2005-08-03 | CVE-2005-2437 | Website Baker | Unspecified vulnerability in Website Baker Website Baker Website Baker Project does not properly verify the file extensions of uploaded files, which allows remote attackers to upload and execute arbitrary PHP code. | 5.0 |
2005-08-03 | CVE-2005-2436 | Website Baker | Remote Security vulnerability in Website Baker browse.php in Website Baker Project allows remote attackers to obtain sensitive data via (1) a directory that does not exist in the dir parameter or (2) a direct request to certain php files, which reveal the path in an error message. | 5.0 |
2005-08-03 | CVE-2005-2434 | Linksys | Unspecified vulnerability in Linksys Wrt54G Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information. | 5.0 |
2005-08-03 | CVE-2005-2433 | Tincan | Information Disclosure vulnerability in PHPlist PhpList allows remote attackers to obtain sensitive information via a direct request to (1) about.php, (2) connect.php, (3) domainstats.php or (4) usercheck.php in public_html/lists/admin directory, (5) attributes.php, (6) dbcheck.php, (7) importcsv.php, (8) user.php, (9) usermgt.php, or (10) users.php in admin/commonlib/pages directory, (11) helloworld.php, or (12) sidebar.php in public_html/lists/admin/plugins directory, or (13) main.php in public_html/lists/admin/plugsins/defaultplugin directory, which reveal the path in an error message. | 5.0 |
2005-08-03 | CVE-2005-2431 | Gforge | Remote Security vulnerability in Gforge 4.5 The (1) lost password and (2) account pending features in GForge 4.5 do not properly set a limit on the number of e-mails sent to an e-mail address, which allows remote attackers to send a large number of messages to arbitrary e-mail addresses (aka mail bomb). | 5.0 |
2005-08-03 | CVE-2005-2429 | Mozilla | Remote Security vulnerability in Mozilla Firefox 2.0 Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office. | 5.0 |
2005-08-03 | CVE-2005-2428 | IBM | Unspecified vulnerability in IBM Lotus Domino 5.0/6.0/6.5 Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the ClntBld field, a different vulnerability than CVE-2005-2696. | 5.0 |
2005-08-03 | CVE-2005-2423 | Beehive Forum | Beehive Forum allows remote attackers to obtain sensitive information via (1) an invalid final_uri or sort_by parameter to index.php or a direct request to (2) admin.php, (3) attachments.inc.php, (4) banned.inc.php, (5) beehive.inc.php, (6) constants.inc.php, (7) db.inc.php, (8) dictionary.inc.php or (9) search_index.php, which reveal the path in an error message. | 5.0 |
2005-08-03 | CVE-2005-2417 | Astalavista IT Engineering | Input Validation vulnerability in Contrexx Contrexx before 1.0.5 allows remote attackers to obtain sensitive information via a direct request to /config/version.xml. | 5.0 |
2005-08-03 | CVE-2005-2413 | Atomic Photo Album | Remote File Include vulnerability in Atomic Photo Album Apa_PHPInclude.INC.PHP PHP remote file inclusion vulnerability in apa_phpinclude.inc.php in Atomic Photo Album (APA) allows remote attackers to execute arbitrary PHP code via the apa_module_basedir parameter. | 5.0 |
2005-08-03 | CVE-2005-2412 | PHP Firstpost | Remote File Include vulnerability in PHPFirstpost Block.PHP PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote attackers to execute arbitrary PHP code via the Include parameter. | 5.0 |
2005-08-01 | CVE-2005-2405 | Opera | Improper Input Validation vulnerability in Opera Browser 8.01 Opera 8.01, when the "Arial Unicode MS" font (ARIALUNI.TTF) is installed, does not properly handle extended ASCII characters in the file download dialog box, which allows remote attackers to spoof file extensions and possibly trick users into executing arbitrary code. | 5.0 |
2005-08-07 | CVE-2005-2488 | WEB Content Management | Cross-Site Scripting vulnerability in Web Content Management Cross-site scripting (XSS) vulnerability in Web Content Management News System allows remote attackers to inject arbitrary web script or HTML via (1) the strRootpath parameter to validsession.php or (2) the strTable parameter to Admin/News/List.php. | 4.3 |
2005-08-07 | CVE-2005-2485 | Logicampus | Cross Site Scripting vulnerability in Logicampus 1.1.0 Cross-site scripting (XSS) vulnerability in the Helpdesk in Logicampus before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2005-08-05 | CVE-2005-2480 | Macromedia | Cross-Site Scripting vulnerability in Macromedia Coldfusion Fusebox 4.1.0 Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter, which is not quoted in an error page, as demonstrated using index.cfm. | 4.3 |
2005-08-05 | CVE-2005-2476 | Naxtor | Cross-Site Scripting vulnerability in Naxtor Shopping Cart 1.0 Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor Shopping Cart 1.0 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | 4.3 |
2005-08-04 | CVE-2005-2453 | Networkactiv | Cross-Site Scripting vulnerability in NetworkActiv Web Server Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string. | 4.3 |
2005-08-03 | CVE-2005-2441 | Vbzoom | Cross-Site Scripting vulnerability in VBZooM Forum Multiple cross-site scripting (XSS) vulnerabilities in VBzoom allow remote attackers to inject arbitrary web script and HTML via the (1) UserName parameter to profile.php or (2) UserID parameter to login.php. | 4.3 |
2005-08-03 | CVE-2005-2438 | Usebb | Cross-site scripting (XSS) vulnerability in UseBB 0.5.1 and earlier allows remote attackers to inject arbitrary Javascript via the BBCode color value. | 4.3 |
2005-08-03 | CVE-2005-2435 | Website Baker | Cross-Site Scripting vulnerability in Website Baker Cross-site scripting (XSS) vulnerability in browse.php in Website Baker Project allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | 4.3 |
2005-08-03 | CVE-2005-2430 | Gforge | Cross-Site Scripting vulnerability in Gforge 4.5 Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id or (2) group_id parameter to forum.php, (3) project_task_id parameter to task.php, (4) id parameter to detail.php, (5) the text field on the search page, (6) group_id parameter to qrs.php, (7) form, (8) rows, (9) cols or (10) wrap parameter to notepad.php, or the login field on the login form. | 4.3 |
2005-08-03 | CVE-2005-2427 | Elemental Software | Cross-Site Scripting vulnerability in Elemental Software Cartwiz Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter. | 4.3 |
2005-08-03 | CVE-2005-2422 | Beehive Forum | Cross-Site Scripting vulnerability in Beehive Forum Webtag Cross-site scripting (XSS) vulnerability in index.php in Beehive Forum allows remote attackers to inject arbitrary web script or HTML via the webtag parameter. | 4.3 |
2005-08-03 | CVE-2005-2416 | Astalavista IT Engineering | Input Validation vulnerability in Contrexx Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) term parameter to the search module or (2) title in the blog aggregation module. | 4.3 |
2005-08-01 | CVE-2005-2406 | Opera | Cross-site Scripting vulnerability in Opera Browser 8.01 Opera 8.01 allows remote attackers to conduct cross-site scripting (XSS) attacks or modify which files are uploaded by tricking a user into dragging an image that is a "javascript:" URI. | 4.3 |
10 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-08-03 | CVE-2005-2414 | Xpcom | Denial-Of-Service vulnerability in Xpcom Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service (application crash) via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering page and referenced objects to be deleted. | 2.6 |
2005-08-07 | CVE-2005-2487 | Mcdata | Remote Denial Of Service vulnerability in McDATA E/OS Unknown vulnerability in Sun McData switches and directors 4300, 4500, 6064, and 6140 before E/OS 6.0.0 may allow attackers to cause a denial of service (connectivity and array access loss) via a network broadcast storm. | 2.1 |
2005-08-05 | CVE-2005-2353 | Mozilla | Unspecified vulnerability in Mozilla Thunderbird 1.5.0.9 run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | 2.1 |
2005-08-03 | CVE-2005-2451 | Cisco | Unspecified vulnerability in Cisco IOS and IOS XR Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. | 2.1 |
2005-08-03 | CVE-2005-2444 | Cerulean Studios | Information Disclosure vulnerability in Cerulean Studios Trillian PRO 3.1Build121 Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the password in plaintext in a world readable file and does not delete the file after login, which allows local users to obtain sensitive information. | 2.1 |
2005-08-03 | CVE-2005-2426 | Ftpshell | Denial of Service vulnerability in Ftpshell Server 3.38 FTPshell Server 3.38 allows remote authenticated users to cause a denial of service (application crash) by multiple connections and disconnections without using the QUIT command. | 2.1 |
2005-08-03 | CVE-2005-2132 | SCO | Denial of Service vulnerability in SCO UnixWare RPC Portmapper RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap requests. | 2.1 |
2005-08-02 | CVE-2005-1762 | Linux | Local Denial of Service vulnerability in Linux Kernel 2.6.10/2.6.8.1 The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address. | 2.1 |
2005-08-05 | CVE-2005-2475 | Info ZIP | Unspecified vulnerability in Info-Zip Unzip 5.52 Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete. | 1.2 |
2005-08-03 | CVE-2005-2449 | Sandbox | Insecure Temporary File Creation vulnerability in Gentoo Sandbox Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp. | 1.2 |