Weekly Vulnerabilities Reports > October 10 to 16, 2005
Overview
63 new vulnerabilities reported during this period, including 1 critical vulnerabilities and 14 high severity vulnerabilities. This weekly summary report vulnerabilities in 59 products from 47 vendors including Microsoft, Oracle, Broadcom, Avira, and Clam Anti Virus. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", and "Improper Input Validation".
- 55 reported vulnerabilities are remotely exploitables.
- 1 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 61 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 7 reported vulnerabilities.
- Symantec Veritas has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
1 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-10-12 | CVE-2005-2715 | Symantec Veritas | Remote Format String vulnerability in Symantec Veritas products Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command. | 10.0 |
14 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-10-14 | CVE-2005-3239 | Clam Anti Virus | Denial Of Service vulnerability in Clam Anti-Virus Clamav . The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function. | 7.8 |
2005-10-14 | CVE-2005-3201 | Utopia Software | SQL Injection vulnerability in Utopia News Pro SQL injection vulnerability in news.php for Utopia News Pro (UNP) 1.1.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary SQL via the newsid parameter. | 7.5 |
2005-10-14 | CVE-2005-3199 | Aspready FAQ Manager | SQL Injection vulnerability in AspReady FAQ Manager Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters. | 7.5 |
2005-10-14 | CVE-2005-2967 | Xine | Remote CDDB Information Format String vulnerability in Xine-Lib Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD. | 7.5 |
2005-10-14 | CVE-2005-2661 | UP Imapproxy | Remote Format String vulnerability in Up-Imapproxy 1.2.3/1.2.4 Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line. | 7.5 |
2005-10-13 | CVE-2005-3190 | Broadcom | Unspecified vulnerability in Broadcom Igateway 3.0/4.0 Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests. | 7.5 |
2005-10-13 | CVE-2005-3185 | Curl Libcurl Wget | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username. | 7.5 |
2005-10-13 | CVE-2005-2943 | Davide Libenzi | Local Buffer Overflow vulnerability in XMail Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option. | 7.5 |
2005-10-13 | CVE-2005-2933 | University OF Washington | Buffer Overflow vulnerability in University Of Washington IMAP Mailbox Name Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely. | 7.5 |
2005-10-13 | CVE-2005-2963 | MOD Auth Shadow | Authentication Bypass vulnerability in Apache Mod_Auth_Shadow The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions. | 7.5 |
2005-10-13 | CVE-2005-1985 | Microsoft | Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages. | 7.5 |
2005-10-12 | CVE-2005-1978 | Microsoft | Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code. | 7.5 |
2005-10-14 | CVE-2005-3197 | Webroot Software | Local vulnerability in Webroot Software Desktop Firewall 1.3.0.43 Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list. | 7.2 |
2005-10-12 | CVE-2005-2925 | SGI | Local Privilege Escalation vulnerability in SGI Irix 6.5.22 runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin. | 7.2 |
45 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-10-14 | CVE-2005-3236 | Cynox | Input Validation vulnerability in Cynox Cyphor 0.19 Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote attackers to execute arbitrary SQL and obtain administrative access via (1) the fid parameter of newmsg.php, which can enable XSS attacks when the SQL syntax is invalid or (2) the nick parameter of lostpwd.php. | 6.8 |
2005-10-14 | CVE-2005-3208 | Aenovo | SQL Injection vulnerability in Aenovo Aenovo, Aenovoshop and Aenovowysi Multiple SQL injection vulnerabilities in (1) aeNovo, (2) aeNovoShop and (3) aeNovoWYSI allow remote attackers to execute arbitrary SQL code via (a) the password parameter in control.asp, and (b) the strSQL parameter in search.asp, which can enable XSS attacks in resulting error messages. | 6.8 |
2005-10-14 | CVE-2005-3202 | Oracle | Cross-Site Scripting vulnerability in Oracle HTML DB 1.3/1.3.6 Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 allow remote attackers to inject arbitrary web script or HTML, and subsequently execute SQL statements via the (1) p or (2) p_t02 parameters. | 6.8 |
2005-10-13 | CVE-2005-2120 | Microsoft | Buffer Overflow vulnerability in Microsoft Windows 2000 and Windows XP Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call. | 6.5 |
2005-10-14 | CVE-2005-3235 | Proland | Security Bypass vulnerability in Proland Protector Plus 2000 Multiple interpretation error in unspecified versions of Proland Protector Plus 2000 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3234 | Grisoft | Security Bypass vulnerability in Avg Antivirus Multiple interpretation error in unspecified versions of Grisoft AVG Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3233 | Trustix | Security Bypass vulnerability in Antivirus Multiple interpretation error in unspecified versions of Trustix Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3232 | Thehacker | Security Bypass vulnerability in Thehacker Multiple interpretation error in unspecified versions of TheHacker allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3231 | CAT | Security Bypass vulnerability in Quick Heal Multiple interpretation error in unspecified versions of CAT Quick Heal allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3230 | Panda | Security Bypass vulnerability in Panda Antivirus Multiple interpretation error in unspecified versions of Panda Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3229 | Clam Anti Virus | Security Bypass vulnerability in ClamAV Antivirus Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3228 | Ikarus | Security Bypass vulnerability in Ikarus Antivirus Multiple interpretation error in unspecified versions of Ikarus AntiVirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3227 | UNA | Multiple interpretation error in unspecified versions of UNA Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3226 | Arcavir | Security Bypass vulnerability in Arcavir Antivirus Multiple interpretation error in unspecified versions of ArcaVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3225 | Broadcom | Unspecified vulnerability in Broadcom Etrust Antivirus and Etrust Antivirus Iris Engine Multiple interpretation error in unspecified versions of (1) eTrust-Iris and (2) eTrust-Vet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3224 | Avira | Security Bypass vulnerability in AntiVir Personal Multiple interpretation error in unspecified versions of AntiVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3223 | Rising | Security Bypass vulnerability in Rising Antivirus Multiple interpretation error in unspecified versions of Rising Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3222 | Vba32 | Security Bypass vulnerability in Vba32 Antivirus Multiple interpretation error in unspecified versions of VBA32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3221 | Fortinet | Security Bypass vulnerability in Fortinet Antivirus Multiple interpretation error in unspecified versions of Fortinet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3220 | Norman | Security Bypass vulnerability in Virus Control Antivirus Multiple interpretation error in unspecified versions of Norman Virus Control Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3219 | Avira | Security Bypass vulnerability in AntiVir Personal Multiple interpretation error in unspecified versions of Avira Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3218 | DR WEB | Security Bypass vulnerability in Dr.Web Antivirus Multiple interpretation error in unspecified versions of Dr.Web Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3217 | Symantec | Unspecified vulnerability in Symantec Antivirus Scan Engine Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3216 | Sophos | Security Bypass vulnerability in Sophos Anti-Virus Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3215 | Mcafee | Multiple interpretation error in unspecified versions of McAfee Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3214 | Alwil | Security Bypass vulnerability in Avast Antivirus Multiple interpretation error in unspecified versions of Avast Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3213 | Frisk Software | Security Bypass vulnerability in F-Prot Antivirus Multiple interpretation error in unspecified versions of F-Prot Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3212 | Eset Software | Security Bypass vulnerability in NOD32 Antivirus Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3211 | Softwin | Security Bypass vulnerability in Bitdefender Antivirus Multiple interpretation error in unspecified versions of BitDefender Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3210 | Kaspersky LAB | Security Bypass vulnerability in Kaspersky Anti-Virus Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
2005-10-14 | CVE-2005-3194 | Estsoft | Archive Formats File Name Buffer Overflow vulnerability in Estsoft Alzip 5.52English/6.12Korean/6.1International Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive. | 5.1 |
2005-10-14 | CVE-2005-3207 | Oracle | Remote Denial Of Service vulnerability in Oracle Forms Servlet TLS Listener The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote attackers to cause a denial of service (TNS listener stop) via a userid parameter that contains a STOP command. | 5.0 |
2005-10-14 | CVE-2005-3206 | Oracle | Remote Denial Of Service vulnerability in Oracle Database Server 9.0.2.4 iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to cause a denial of service (TNS listener stop) via an HTTP request with an sid parameter that contains a STOP command. | 5.0 |
2005-10-12 | CVE-2005-2128 | Microsoft | Buffer Overflow vulnerability in Microsoft Windows Media Player 9 QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value. | 5.0 |
2005-10-12 | CVE-2005-2119 | Microsoft | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer. | 5.0 |
2005-10-12 | CVE-2005-1980 | Microsoft | Denial Of Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability." | 5.0 |
2005-10-12 | CVE-2005-1979 | Microsoft | Denial Of Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality. | 5.0 |
2005-10-14 | CVE-2005-3209 | Aenovo | Local Security vulnerability in Aenovo Aenovo, Aenovoshop and Aenovowysi Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges. | 4.6 |
2005-10-14 | CVE-2005-3203 | Oracle | Unspecified vulnerability in Oracle Html DB 1.3/1.3.6 The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 stores the SYS password in install.lst in plaintext, which allows local users to gain privileges. | 4.6 |
2005-10-14 | CVE-2005-3198 | Webroot Software | Local vulnerability in Webroot Software Desktop Firewall Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands. | 4.6 |
2005-10-14 | CVE-2005-3196 | Planet Technology Corp | Unspecified vulnerability in Planet Technology Corp Fgsw2402Rs 1.2Firmware Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges. | 4.6 |
2005-10-14 | CVE-2005-3237 | Cynox | Input Validation vulnerability in Cyphor Cross-site scripting (XSS) vulnerability in Cyphor 0.19 allows remote attackers to inject arbitrary web script or HTML via the t_login parameter of footer.php. | 4.3 |
2005-10-14 | CVE-2005-3204 | Oracle | Cross-Site Scripting vulnerability in Oracle Application Server and Oracle9I Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request. | 4.3 |
2005-10-14 | CVE-2005-3200 | Utopia Software | Cross-Site Scripting vulnerability in Utopia Software Utopia News PRO 1.1.3/1.1.4 Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro (UNP) 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the sitetitle parameter in header.php and (2) the version and (3) query_count parameters in footer.php. | 4.3 |
2005-10-12 | CVE-2005-3183 | W3C | Improper Input Validation vulnerability in W3C Libwww The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read. | 4.3 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2005-10-14 | CVE-2005-3205 | Oracle | Cross-Site Scripting vulnerability in Oracle Database Server 9.0.2.4 Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to inject arbitrary web script or HTML via script in the "set markup HTML TABLE" command, which is executed when the user selects a table. | 3.5 |
2005-10-14 | CVE-2005-3238 | SUN | Denial-Of-Service vulnerability in Sun Solaris Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors. | 2.1 |
2005-10-13 | CVE-2005-2992 | ARC | Unspecified vulnerability in ARC arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945. | 2.1 |