| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
98301 |
CVE-2005-4860 |
|
|
+Priv |
2005-12-31 |
2008-09-05 |
6.9 |
Admin |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password. |
|
98302 |
CVE-2005-4859 |
|
|
|
2005-12-31 |
2008-09-05 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
mimicboard2 (Mimic2) 086 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mimic2.dat. |
|
98303 |
CVE-2005-4858 |
|
|
XSS |
2005-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in mimic2.cgi in mimicboard2 (Mimic2) 086 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters associated with the (1) name, (2) title, and (3) comment sections, as demonstrated by referencing a remote document through the SRC attribute of an IFRAME element. |
|
98304 |
CVE-2005-4857 |
399 |
|
DoS |
2005-12-31 |
2015-07-28 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a "memory addressing error". |
|
98305 |
CVE-2005-4856 |
19 |
|
+Info |
2005-12-31 |
2015-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051110 does not properly handle authorization errors, which allows remote attackers to obtain sensitive information and see the admin pagelayout and associated templates via a request with (1) "anything after the url" or (2) a "wrong url". |
|
98306 |
CVE-2005-4854 |
264 |
|
+Info |
2005-12-31 |
2015-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders. |
|
98307 |
CVE-2005-4853 |
264 |
|
|
2005-12-31 |
2015-07-28 |
9.4 |
None |
Remote |
Low |
Not required |
None |
Complete |
Complete |
|
The default configuration of the forum package in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050818 does not restrict edit permissions to a posting's owner, which allows remote authenticated users to edit arbitrary postings. |
|
98308 |
CVE-2005-4852 |
264 |
|
Bypass |
2005-12-31 |
2018-09-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The siteaccess URIMatching implementation in eZ publish 3.5 through 3.8 before 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote attackers to bypass access restrictions by inserting certain characters in a URI, as demonstrated by a request for /admin:de, which matches a rule allowing only /admin_de to access /admin. |
|
98309 |
CVE-2005-4851 |
287 |
|
Bypass |
2005-12-31 |
2019-07-31 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissions on the node level, which allows remote authenticated users to bypass the original permissions on embedded objects in XML fields and read these objects. |
|
98310 |
CVE-2005-4850 |
264 |
|
|
2005-12-31 |
2019-07-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
eZ publish 3.5 through 3.7 before 20050608 requires both edit and create permissions in order to submit data, which allows remote attackers to edit data submitted by arbitrary anonymous users. |
|
98311 |
CVE-2005-4849 |
200 |
|
+Info |
2005-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information. |
|
98312 |
CVE-2005-4848 |
119 |
|
Exec Code Overflow |
2005-12-31 |
2017-07-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets. |
|
98313 |
CVE-2005-4847 |
|
|
|
2005-12-31 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Spey 0.3.3 has unknown impact and attack vectors related to "A number of security holes which could lead to compromise," a different issue than CVE-2005-4846. |
|
98314 |
CVE-2005-4846 |
20 |
|
DoS Exec Code |
2005-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a syslog call. |
|
98315 |
CVE-2005-4845 |
16 |
|
DoS |
2005-12-31 |
2009-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. |
|
98316 |
CVE-2005-4844 |
|
|
DoS |
2005-12-31 |
2008-09-05 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. |
|
98317 |
CVE-2005-4843 |
|
|
DoS |
2005-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The SmartConnect Class control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. |
|
98318 |
CVE-2005-4842 |
|
|
DoS |
2005-12-31 |
2008-09-05 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The System Monitor Source Properties control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. |
|
98319 |
CVE-2005-4841 |
|
|
DoS |
2005-12-31 |
2008-09-05 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The Outlook Progress Ctl control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. |
|
98320 |
CVE-2005-4840 |
119 |
|
DoS Overflow |
2005-12-31 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The Outlook Express Address Book control, when using Internet Explorer 6, allows remote attackers to cause a denial of service (NULL dereference and browser crash) by creating the OutlookExpress.AddressBook COM object, which is not intended for use within Internet Explorer. |
|
98321 |
CVE-2005-4839 |
|
|
+Info |
2005-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
PureTLS before 0.9b5 does not clear optional Extensions and Algorithm.Parameters values before parsing, which might trigger an information leak of values from earlier certificates. |
|
98322 |
CVE-2005-4838 |
79 |
|
XSS |
2005-12-31 |
2017-07-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries. |
|
98323 |
CVE-2005-4837 |
189 |
|
DoS |
2005-12-31 |
2017-10-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177. |
|
98324 |
CVE-2005-4836 |
200 |
|
+Info |
2005-12-31 |
2012-02-09 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information. |
|
98325 |
CVE-2005-4835 |
|
|
DoS |
2005-12-31 |
2008-09-10 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race condition between interface enabling and packet transmission. |
|
98326 |
CVE-2005-4834 |
|
|
+Info |
2005-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
IBM WebSphere Application Server (WAS) 5.0.2.5 through 5.1.1.3 allows remote attackers to obtain JSP source code and other sensitive information, related to incorrect request processing by the web container. |
|
98327 |
CVE-2005-4833 |
|
|
+Info |
2005-12-31 |
2008-11-13 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
IBM WebSphere Application Server (WAS) 6.0 before 20050201, when serving pages in an Application WAR or an Extended Document Root, allows remote attackers to obtain the JSP source code and other sensitive information via "a specific JSP URL," related to lack of normalization of the URL format. |
|
98328 |
CVE-2005-4832 |
|
|
Exec Code Sql |
2005-12-31 |
2017-07-28 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197. |
|
98329 |
CVE-2005-4831 |
|
|
XSS |
2005-12-31 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
viewcvs in ViewCVS 0.9.2 allows remote attackers to set the Content-Type header to arbitrary values via the content-type parameter, which can be leveraged for cross-site scripting (XSS) and other attacks, as demonstrated using (1) "text/html", or (2) "image/jpeg" with an image that is rendered as HTML by Internet Explorer, a different vulnerability than CVE-2004-1062. NOTE: it was later reported that 0.9.4 is also affected. |
|
98330 |
CVE-2005-4830 |
|
|
Http R.Spl. |
2005-12-31 |
2018-10-19 |
7.6 |
Admin |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the content-type parameter. |
|
98331 |
CVE-2005-4829 |
|
|
|
2005-12-31 |
2018-08-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
VirtueMart before 1.0.1 does not properly handle errors when a user is forbidden to read a requested page, which has unknown impact and remote attack vectors. |
|
98332 |
CVE-2005-4828 |
|
|
|
2005-12-31 |
2010-04-02 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures and attachments. NOTE: it is not clear whether this issue crosses privilege boundaries, so this might not be a vulnerability. |
|
98333 |
CVE-2005-4827 |
|
|
Bypass |
2005-12-31 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks. |
|
98334 |
CVE-2005-4826 |
|
|
DoS |
2005-12-31 |
2018-10-19 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776. |
|
98335 |
CVE-2005-4825 |
|
|
DoS Bypass |
2005-12-31 |
2018-10-30 |
5.7 |
None |
Local Network |
Medium |
Not required |
None |
None |
Complete |
|
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332. |
|
98336 |
CVE-2005-4824 |
|
|
Exec Code File Inclusion |
2005-12-31 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PHP remote file inclusion vulnerability in web/classes.php in Siteframe before 3.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the LOCAL_PATH parameter, a different vulnerability than CVE-2005-1965. |
|
98337 |
CVE-2005-4823 |
|
|
Exec Code Overflow |
2005-12-31 |
2008-09-05 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP Web-enabled Management Software allows remote attackers to execute arbitrary code via unknown vectors. |
|
98338 |
CVE-2005-4822 |
|
|
Exec Code Sql |
2005-12-31 |
2017-07-28 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in projects/project-edit.asp in Digger Solutions Intranet Open Source (IOS) version 2.7.2 allows remote attackers to execute arbitrary SQL commands via the project_id parameter. |
|
98339 |
CVE-2005-4821 |
|
|
Exec Code Sql |
2005-12-31 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple SQL injection vulnerabilities in Land Down Under (LDU) v801 and earlier allow remote attackers to execute arbitrary SQL commands via parameters including (1) the m parameter in auth.php, (2) the f parameter in events.php, or (3) the e parameter in plug.php. |
|
98340 |
CVE-2005-4820 |
|
|
DoS |
2005-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SMC Wireless Router model SMC7904WBRA allows remote attackers to cause a denial of service (reboot) by flooding the router with traffic. |
|
98341 |
CVE-2005-4819 |
|
|
XSS |
2005-12-31 |
2017-07-28 |
6.8 |
User |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. |
|
98342 |
CVE-2005-4818 |
|
|
Exec Code Sql |
2005-12-31 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple SQL injection vulnerabilities in Copernicus Europa allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
|
98343 |
CVE-2005-4817 |
|
|
DoS Exec Code |
2005-12-31 |
2017-07-28 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Format string vulnerability in ui.c in Textbased MSN Client (TMSNC) before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to be injected into the wprintw function. |
|
98344 |
CVE-2005-4816 |
|
|
DoS Exec Code Overflow |
2005-12-31 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password. |
|
98345 |
CVE-2005-4815 |
|
|
Exec Code |
2005-12-31 |
2018-10-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before 4.6D patch 1767, 45 before 45B patch 913, 40 before 40B patch 1008, and 31 before 31I patch 735 do not properly restrict process execution by lnaxdm/sapsys, which allows remote attackers to execute arbitrary code via a certain UDP packet that ends with the name of a local executable file, aka the "FX SAP R/3 gwrd vuln." |
|
98346 |
CVE-2005-4814 |
|
|
Exec Code |
2005-12-31 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory. |
|
98347 |
CVE-2005-4813 |
|
|
DoS |
2005-12-31 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in Report Application Server (Crystalras.exe) before 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service (application hang) via certain network traffic, possibly involving multiple simultaneous TCP connections. |
|
98348 |
CVE-2005-4812 |
|
|
DoS |
2005-12-31 |
2017-07-19 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan. |
|
98349 |
CVE-2005-4811 |
|
|
DoS |
2005-12-31 |
2017-10-10 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function. |
|
98350 |
CVE-2005-4810 |
|
|
DoS |
2005-12-31 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Microsoft Internet Explorer 7.0 Beta3 and earlier allows remote attackers to cause a denial of service (crash) via a "text/html" HTML Content-type header sent in response to an XMLHttpRequest (AJAX). |
