CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In August 2005 (CVSS score >= 9)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2005-2679 Exec Code Overflow 2005-08-23 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Sysinternals Process Explorer 9.23, and other versions before 9.25, allows local users to execute arbitrary code via a long CompanyName field in the VersionInfo information in a running process.
2 CVE-2005-2669 Exec Code 2005-08-23 2017-11-21
10.0
Admin Remote Low Not required Complete Complete Complete
Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets.
3 CVE-2005-2668 Exec Code Overflow 2005-08-23 2017-11-22
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors.
4 CVE-2005-2655 +Priv 2005-08-30 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments.
5 CVE-2005-2626 2005-08-19 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID.
6 CVE-2005-2611 2005-08-17 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.
7 CVE-2005-2593 2005-08-17 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
Parlano MindAlign 5.0 and later versions uses weak encryption, with unknown impact and attack vectors.
8 CVE-2005-2541 +Priv 2005-08-10 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.
9 CVE-2005-2511 2005-08-19 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window.
10 CVE-2005-2425 Exec Code Overflow 2005-08-03 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Ares FileShare 1.1 allows remote attackers or local users to execute arbitrary code via a (1) long history parameter in the configuration file (ares.conf) or (2) long search string.
11 CVE-2005-2420 Exec Code 2005-08-03 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
flsearch.pl in FtpLocate 2.02 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP GET request.
12 CVE-2005-2017 +Priv 2005-08-30 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Symantec AntiVirus 9 Corporate Edition allows local users to gain privileges via the "Scan for viruses" option, which launches a help window with raised privileges, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2002-1540.
13 CVE-2005-1983 Exec Code Overflow +Priv 2005-08-10 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Total number of vulnerabilities : 13   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.