CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In October 2005

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2005-2122 Exec Code Overflow 2005-10-21 2019-04-30
10.0
Admin Remote Low Not required Complete Complete Complete
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118.
2 CVE-2005-2715 Exec Code 2005-10-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.
3 CVE-2005-2758 Exec Code Overflow 2005-10-05 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
4 CVE-2005-3142 Exec Code Overflow 2005-10-05 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.
5 CVE-2005-3184 Exec Code Overflow 2005-10-20 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
6 CVE-2005-3254 Exec Code 2005-10-18 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems.
7 CVE-2005-3267 189 DoS Overflow 2005-10-27 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter value, which leads to a resultant heap-based buffer overflow.
8 CVE-2005-3277 Exec Code 2005-10-21 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473.
9 CVE-2005-3296 2005-10-23 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.
10 CVE-2005-3265 119 Exec Code Overflow 2005-10-27 2017-07-10
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine.
11 CVE-2005-3239 DoS 2005-10-14 2010-04-02
7.8
None Remote Low Not required None None Complete
The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function.
12 CVE-2005-1978 Exec Code 2005-10-12 2018-10-12
7.5
User Remote Low Not required Partial Partial Partial
COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.
13 CVE-2005-1985 Exec Code 2005-10-13 2018-10-12
7.5
User Remote Low Not required Partial Partial Partial
The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.
14 CVE-2005-1987 Exec Code Overflow 2005-10-13 2018-10-12
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
15 CVE-2005-2337 Exec Code Bypass 2005-10-07 2017-10-10
7.5
User Remote Low Not required Partial Partial Partial
Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin).
16 CVE-2005-2661 Exec Code 2005-10-14 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line.
17 CVE-2005-2743 Exec Code 2005-10-25 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code.
18 CVE-2005-2747 Exec Code Overflow 2005-10-25 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by applications such as WebCore and Safari, allows remote attackers to execute arbitrary code via a crafted GIF file.
19 CVE-2005-2933 Exec Code Overflow 2005-10-13 2018-10-19
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.
20 CVE-2005-2943 Exec Code Overflow 2005-10-13 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option.
21 CVE-2005-2958 Exec Code 2005-10-25 2018-10-03
7.5
User Remote Low Not required Partial Partial Partial
Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code.
22 CVE-2005-2961 Exec Code Overflow 2005-10-05 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag.
23 CVE-2005-2963 Bypass 2005-10-13 2017-07-10
7.5
None Remote Low Not required Partial Partial Partial
The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.
24 CVE-2005-2967 Exec Code 2005-10-14 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD.
25 CVE-2005-2971 Exec Code Overflow 2005-10-20 2018-10-03
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
26 CVE-2005-2978 Exec Code 2005-10-18 2018-10-03
7.5
User Remote Low Not required Partial Partial Partial
pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack.
27 CVE-2005-3118 2005-10-06 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot.
28 CVE-2005-3120 Exec Code Overflow 2005-10-17 2018-10-19
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
29 CVE-2005-3130 Exec Code Sql 2005-10-04 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in lucidCMS 1.0.11 allows remote attackers to execute arbitrary SQL commands via the login field.
30 CVE-2005-3134 Bypass 2005-10-04 2018-08-13
7.5
User Remote Low Not required Partial Partial Partial
Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName).
31 CVE-2005-3135 Exec Code Overflow 2005-10-04 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename.
32 CVE-2005-3150 Exec Code 2005-10-05 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, 2.6.1, and possibly other versions allows remote FTP servers to execute arbitrary code via format strings in filenames.
33 CVE-2005-3151 Exec Code Overflow 2005-10-05 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument.
34 CVE-2005-3153 Sql Bypass 2005-10-05 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular expression and conduct SQL injection attacks via a username parameter with SQL after a null character, which causes the whitelist check to succeed but injects the SQL into a query string, a different vulnerability than CVE-2005-2838. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a myBloggie vulnerability.
35 CVE-2005-3154 134 DoS Exec Code 2005-10-05 2016-09-30
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in file or directory name.
36 CVE-2005-3155 Exec Code Overflow 2005-10-05 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.
37 CVE-2005-3157 Exec Code Sql 2005-10-06 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 and CVE-2005-3159.
38 CVE-2005-3158 Exec Code Sql 2005-10-06 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote attackers to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, a different vulnerability than CVE-2005-3157 and CVE-2005-3159.
39 CVE-2005-3159 Exec Code Sql 2005-10-06 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in messages.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158.
40 CVE-2005-3160 Exec Code Sql 2005-10-06 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusion allow remote attackers to execute arbitrary SQL commands via the (1) album and (2) photo parameters.
41 CVE-2005-3161 Exec Code Sql 2005-10-06 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in PHP-Fusion before 6.00.110 allow remote attackers to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php.
42 CVE-2005-3168 2005-10-06 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 for SP4, when using a security template to set Access Control Lists (ACLs) on folders, does not apply ACLs on folders that are listed after a long folder entry, which could result in less secure permissions than specified by the template.
43 CVE-2005-3176 2005-10-06 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection.
44 CVE-2005-3182 Exec Code Overflow 2005-10-20 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.
45 CVE-2005-3185 119 Exec Code Overflow 2005-10-13 2018-10-03
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.
46 CVE-2005-3190 Exec Code Overflow 2005-10-13 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.
47 CVE-2005-3199 Exec Code Sql 2005-10-14 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters.
48 CVE-2005-3201 Sql 2005-10-14 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in news.php for Utopia News Pro (UNP) 1.1.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary SQL via the newsid parameter.
49 CVE-2005-3243 Exec Code Overflow 2005-10-27 2017-10-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
50 CVE-2005-3252 Exec Code Overflow 2005-10-18 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
Total number of vulnerabilities : 283   Page : 1 (This Page)2 3 4 5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.