CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In May 2005

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
951 CVE-2005-0570 DoS 2005-05-02 2017-07-10
5.0
None Remote Low Not required None None Partial
profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by setting the user's password to NULL.
952 CVE-2005-0569 Exec Code Sql 2005-05-02 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) language parameter to register.php, (2) change email feature in profile.php, (3) posts or (4) topics parameter to moderate.php.
953 CVE-2005-0568 DoS 2005-05-02 2016-10-17
5.0
None Remote Low Not required None None Partial
Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference.
954 CVE-2005-0567 Exec Code File Inclusion 2005-05-02 2017-07-10
7.5
None Remote Low Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.
955 CVE-2005-0565 Exec Code 2005-05-02 2017-07-10
7.5
None Remote Low Not required Partial Partial Partial
The Announce module in phpWebSite 0.10.0 and earlier allows remote attackers to execute arbitrary PHP code by setting the Image field to reference a PHP file whose name contains a .gif.php extension.
956 CVE-2005-0560 Exec Code Overflow 2005-05-02 2018-10-12
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.
957 CVE-2005-0558 Exec Code Overflow 2005-05-02 2018-10-12
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document.
958 CVE-2005-0554 DoS Exec Code Overflow Mem. Corr. 2005-05-02 2018-10-12
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."
959 CVE-2005-0553 Exec Code Mem. Corr. 2005-05-02 2018-10-12
5.1
User Remote High Not required Partial Partial Partial
Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability".
960 CVE-2005-0551 Overflow +Priv 2005-05-02 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.
961 CVE-2005-0550 DoS Overflow 2005-05-02 2018-10-12
2.1
None Local Low Not required None None Partial
Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability".
962 CVE-2005-0549 XSS 2005-05-02 2016-10-17
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function.
963 CVE-2005-0546 Exec Code Overflow 2005-05-02 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
964 CVE-2005-0545 Bypass 2005-05-02 2019-04-30
7.2
Admin Local Low Not required Complete Complete Complete
Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Active Directory allow local users to bypass group policies that restrict access to hidden drives by using the browse feature in Office 10 applications such as Word or Excel, or using a flash drive. NOTE: this issue has been disputed in a followup post.
965 CVE-2005-0544 2005-05-02 2008-09-05
5.0
None Remote Low Not required Partial None None
phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.
966 CVE-2005-0542 +Priv 2005-05-02 2016-10-17
4.6
User Local Low Not required Partial Partial Partial
saveUser.do in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows local users to gain privileges by setting the adminUser parameter to true.
967 CVE-2005-0541 2005-05-02 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
consoleConnect.jsp in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to connect to arbitrary consoles by modifying the consolename parameter.
968 CVE-2005-0540 +Info 2005-05-02 2016-10-17
5.0
None Remote Low Not required Partial None None
Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to obtain sensitive information via a direct request to the /about.html page.
969 CVE-2005-0539 +Priv 2005-05-02 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Unknown vulnerability in IBM Hardware Management Console (HMC) before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard.
970 CVE-2005-0538 Dir. Trav. 2005-05-02 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in (1) GinpPictureServlet.java and (2) PicCollection.java in ginp (Java Photo Gallery Web Application) before 0.22 allows remote attackers to read arbitrary files.
971 CVE-2005-0536 Dir. Trav. 2005-05-02 2008-09-05
5.0
None Remote Low Not required None None Partial
Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion.
972 CVE-2005-0534 XSS 2005-05-02 2008-09-05
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow remote attackers to inject arbitrary web script.
973 CVE-2005-0533 Exec Code Overflow 2005-05-02 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
974 CVE-2005-0532 Overflow 2005-05-02 2016-10-17
2.1
None Local Low Not required None None Partial
The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies between size_t and int data types.
975 CVE-2005-0531 Overflow 2005-05-02 2017-10-10
2.1
None Local Low Not required None Partial None
The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.
976 CVE-2005-0530 2005-05-02 2017-10-18
2.1
None Local Low Not required Partial None None
Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.
977 CVE-2005-0529 Overflow 2005-05-02 2017-10-10
2.1
None Local Low Not required Partial None None
Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context.
978 CVE-2005-0527 Exec Code 2005-05-02 2017-10-10
5.1
None Remote High Not required Partial Partial Partial
Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling."
979 CVE-2005-0526 XSS 2005-05-02 2016-10-17
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 allow remote attackers to inject arbitrary web script or HTML via (1) the search string to search.php, (2) the subject of a PM, which is processed by pm.php, or (3) the body of a PM, which is processed by pmpshow.php.
980 CVE-2005-0525 DoS 2005-05-02 2018-05-02
5.0
None Remote Low Not required None None Partial
The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek.
981 CVE-2005-0524 DoS 2005-05-02 2018-05-02
5.0
None Remote Low Not required None None Partial
The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value.
982 CVE-2005-0523 Exec Code 2005-05-02 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.
983 CVE-2005-0522 +Priv 2005-05-02 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges.
984 CVE-2005-0515 2005-05-18 2008-09-05
2.1
None Local Low Not required None Partial None
Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files.
985 CVE-2005-0501 Exec Code Overflow 2005-05-02 2017-07-11
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Bontago 1.1 and earlier allows remote attackers to execute arbitrary code via a long nickname.
986 CVE-2005-0500 2005-05-02 2017-07-10
5.0
None Remote Low Not required None Partial None
Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks.
987 CVE-2005-0498 Bypass 2005-05-02 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Gigafast router (aka CompUSA router) allows remote attackers to gain sensitive information and bypass the login page via a direct request to backup.cfg, which reveals the administrator password in plaintext.
988 CVE-2005-0497 +Priv 2005-05-02 2017-07-10
7.2
Admin Local Low Not required Complete Complete Complete
ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory.
989 CVE-2005-0493 Bypass 2005-05-02 2016-10-17
5.0
None Remote Low Not required None Partial None
CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before 2.2 allows remote attackers to bypass the email check and send spam e-mail via CRLF sequences and forged mail headers in the email parameter.
990 CVE-2005-0492 20 DoS 2005-05-02 2017-07-10
2.6
None Remote High Not required None None Partial
Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node.
991 CVE-2005-0491 Exec Code Overflow 2005-05-02 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request.
992 CVE-2005-0490 Exec Code Overflow 2005-05-02 2017-10-10
5.1
User Remote High Not required Partial Partial Partial
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication.
993 CVE-2005-0469 Exec Code Overflow 2005-05-02 2017-10-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
994 CVE-2005-0468 Exec Code Overflow 2005-05-02 2017-10-10
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.
995 CVE-2005-0465 2005-05-02 2008-09-05
2.1
None Local Low Not required None Partial None
gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.
996 CVE-2005-0464 2005-05-02 2008-09-05
2.1
None Local Low Not required Partial None None
gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.
997 CVE-2005-0463 Sql 2005-05-02 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Unknown "major security flaws" in Ulog-php before 1.0, related to input validation, have unknown impact and attack vectors, probably related to SQL injection vulnerabilities in (1) host.php, (2) port.php, and (3) index.php.
998 CVE-2005-0461 2005-05-02 2008-09-05
5.0
None Remote Low Not required None Partial None
Unknown vulnerability in NewsBruiser 2.x before 2.6.1 allows remote attackers to "take actions on comments."
999 CVE-2005-0460 +Info 2005-05-02 2008-09-05
5.0
None Remote Low Not required Partial None None
index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to obtain sensitive information by setting the debug parameter.
1000 CVE-2005-0459 2005-05-02 2008-09-05
5.0
None Remote Low Not required Partial None None
phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.
Total number of vulnerabilities : 1255   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 (This Page)21 22 23 24 25 26
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.