CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In October 2005

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2005-3208 Exec Code Sql XSS 2005-10-14 2017-07-10
6.8
User Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in (1) aeNovo, (2) aeNovoShop and (3) aeNovoWYSI allow remote attackers to execute arbitrary SQL code via (a) the password parameter in control.asp, and (b) the strSQL parameter in search.asp, which can enable XSS attacks in resulting error messages.
152 CVE-2005-3207 DoS 2005-10-14 2017-07-10
5.0
None Remote Low Not required None None Partial
The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote attackers to cause a denial of service (TNS listener stop) via a userid parameter that contains a STOP command.
153 CVE-2005-3206 DoS 2005-10-14 2017-07-10
5.0
None Remote Low Not required None None Partial
iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to cause a denial of service (TNS listener stop) via an HTTP request with an sid parameter that contains a STOP command.
154 CVE-2005-3205 79 Exec Code XSS 2005-10-14 2017-07-10
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to inject arbitrary web script or HTML via script in the "set markup HTML TABLE" command, which is executed when the user selects a table.
155 CVE-2005-3204 XSS 2005-10-14 2017-07-10
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request.
156 CVE-2005-3203 +Priv 2005-10-14 2017-07-10
4.6
User Local Low Not required Partial Partial Partial
The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 stores the SYS password in install.lst in plaintext, which allows local users to gain privileges.
157 CVE-2005-3202 XSS 2005-10-14 2017-07-10
6.8
User Remote Medium Not required Partial Partial Partial
Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 allow remote attackers to inject arbitrary web script or HTML, and subsequently execute SQL statements via the (1) p or (2) p_t02 parameters.
158 CVE-2005-3201 Sql 2005-10-14 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in news.php for Utopia News Pro (UNP) 1.1.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary SQL via the newsid parameter.
159 CVE-2005-3200 XSS 2005-10-14 2017-07-10
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro (UNP) 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the sitetitle parameter in header.php and (2) the version and (3) query_count parameters in footer.php.
160 CVE-2005-3199 Exec Code Sql 2005-10-14 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters.
161 CVE-2005-3198 2005-10-14 2017-07-10
4.6
User Local Low Not required Partial Partial Partial
Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands.
162 CVE-2005-3197 Exec Code Overflow 2005-10-14 2017-07-10
7.2
Admin Local Low Not required Complete Complete Complete
Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list.
163 CVE-2005-3196 +Priv 2005-10-14 2016-10-17
4.6
User Local Low Not required Partial Partial Partial
Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges.
164 CVE-2005-3194 Exec Code Overflow 2005-10-14 2017-07-10
5.1
User Remote High Not required Partial Partial Partial
Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive.
165 CVE-2005-3190 Exec Code Overflow 2005-10-13 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.
166 CVE-2005-3185 119 Exec Code Overflow 2005-10-13 2018-10-03
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.
167 CVE-2005-3184 Exec Code Overflow 2005-10-20 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
168 CVE-2005-3183 20 DoS 2005-10-12 2018-10-03
4.3
None Remote Medium Not required None None Partial
The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.
169 CVE-2005-3182 Exec Code Overflow 2005-10-20 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.
170 CVE-2005-3181 399 DoS 2005-10-12 2018-10-19
2.1
None Local Low Not required None None Partial
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).
171 CVE-2005-3180 +Info 2005-10-12 2018-10-19
5.0
None Remote Low Not required Partial None None
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.
172 CVE-2005-3179 264 +Info 2005-10-12 2017-02-19
2.1
None Local Low Not required Partial None None
drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.
173 CVE-2005-3178 Exec Code Overflow 2005-10-07 2018-10-19
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.
174 CVE-2005-3177 2005-10-06 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed.
175 CVE-2005-3176 2005-10-06 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection.
176 CVE-2005-3175 2005-10-06 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Microsoft Windows 2000 before Update Rollup 1 for SP4 allows a local administrator to unlock a computer even if it has been locked by a domain administrator, which allows the local administrator to access the session as the domain administrator.
177 CVE-2005-3174 2005-10-06 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to log on to the domain, even when their password has expired, if the fully qualified domain name (FQDN) is 8 characters long.
178 CVE-2005-3173 Bypass 2005-10-06 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Microsoft Windows 2000 before Update Rollup 1 for SP4 does not apply group policies if the user logs on using UPN credentials with a trailing dot, which prevents Windows 2000 from finding the correct domain controller and could allow the user to bypass intended restrictions.
179 CVE-2005-3172 Overflow 2005-10-06 2008-09-05
5.0
None Remote Low Not required None None Partial
The WideCharToMultiByte function in Microsoft Windows 2000 before Update Rollup 1 for SP4 does not properly convert strings with Japanese composite characters in the last character, which could prevent the string from being null terminated and lead to data corruption or enable buffer overflow attacks.
180 CVE-2005-3171 2005-10-06 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Microsoft Windows 2000 before Update Rollup 1 for SP4 records Event ID 1704 to indicate that Group Policy security settings were successfully updated, even when the processing fails such as when Ntuser.pol cannot be accessed, which could cause system administrators to believe that the system is compliant with the specified settings.
181 CVE-2005-3170 2005-10-06 2008-09-05
5.1
None Remote High Not required Partial Partial Partial
The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates using LDAP Secure Sockets Layer (LDAPS) even when the Certificate Authority (CA) is not trusted, which could allow attackers to trick users into believing that they are accessing a trusted site.
182 CVE-2005-3169 2005-10-06 2008-09-05
5.0
None Remote Low Not required None Partial None
Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" policy is enabled, does not record a 565 event message for File Delete Child operations on an Active Directory object in the security event log, which could allow attackers to conduct unauthorized activities without detection.
183 CVE-2005-3168 2005-10-06 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 for SP4, when using a security template to set Access Control Lists (ACLs) on folders, does not apply ACLs on folders that are listed after a long folder entry, which could result in less secure permissions than specified by the template.
184 CVE-2005-3167 XSS 2005-10-06 2008-09-05
4.3
None Remote Medium Not required None Partial None
Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not properly remove certain CSS inputs (HTML inline style attributes) that are processed as active content by Internet Explorer, which allows remote attackers to conduct cross-site scripting (XSS) attacks.
185 CVE-2005-3166 DoS 2005-10-06 2008-09-05
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in "edit submission handling" for MediaWiki 1.4.x before 1.4.10 and 1.3.x before 1.3.16 allows remote attackers to cause a denial of service (corruption of the previous submission) via a crafted URL.
186 CVE-2005-3165 XSS Bypass 2005-10-06 2008-09-05
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via (1) <math> tags or (2) Extension or <nowiki> sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet Explorer clients.
187 CVE-2005-3164 200 +Info 2005-10-06 2011-10-17
2.6
None Remote High Not required Partial None None
The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages.
188 CVE-2005-3163 2005-10-06 2008-09-05
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Polipo 0.9.8 and earlier allows attackers to read files outside of the web root.
189 CVE-2005-3161 Exec Code Sql 2005-10-06 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in PHP-Fusion before 6.00.110 allow remote attackers to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php.
190 CVE-2005-3160 Exec Code Sql 2005-10-06 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusion allow remote attackers to execute arbitrary SQL commands via the (1) album and (2) photo parameters.
191 CVE-2005-3159 Exec Code Sql 2005-10-06 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in messages.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158.
192 CVE-2005-3158 Exec Code Sql 2005-10-06 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote attackers to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, a different vulnerability than CVE-2005-3157 and CVE-2005-3159.
193 CVE-2005-3157 Exec Code Sql 2005-10-06 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 and CVE-2005-3159.
194 CVE-2005-3156 XSS Dir. Trav. 2005-10-05 2016-10-17
4.3
None Remote Medium Not required Partial None None
Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 allows remote attackers to read arbitrary files via ".." sequences in the pg parameter, which is cleansed for XSS but not directory traversal.
195 CVE-2005-3155 Exec Code Overflow 2005-10-05 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.
196 CVE-2005-3154 134 DoS Exec Code 2005-10-05 2016-09-30
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in file or directory name.
197 CVE-2005-3153 Sql Bypass 2005-10-05 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular expression and conduct SQL injection attacks via a username parameter with SQL after a null character, which causes the whitelist check to succeed but injects the SQL into a query string, a different vulnerability than CVE-2005-2838. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a myBloggie vulnerability.
198 CVE-2005-3152 XSS 2005-10-05 2017-07-10
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the redir parameter to (1) cart.php or (2) index.php, or (3) the searchStr parameter in a viewCat action to index.php. Note: vectors (1) and (2) were later reported to affect 3.0.7-pl1.
199 CVE-2005-3151 Exec Code Overflow 2005-10-05 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument.
200 CVE-2005-3150 Exec Code 2005-10-05 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, 2.6.1, and possibly other versions allows remote FTP servers to execute arbitrary code via format strings in filenames.
Total number of vulnerabilities : 283   Page : 1 2 3 4 (This Page)5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.