CVE List for March 2005 (164 vulnerabilities)

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption...

Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fa...

Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consum...

Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via...

Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and p...

Format string vulnerability in the -a option (daemon mode) in Proxytunnel before 1.2.3 allows remote attackers to execute arbitrary code via format st...

Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthor...

Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invali...

Trend ScanMail allows remote attackers to obtain potentially sensitive information or disable the anti-virus capability via the smency.nsf file.

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a...

The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers ...

Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary c...

iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attacker...

Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj arc...

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict acces...

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbit...

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration ...

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a ta...

Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read...

Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a de...

Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c for up-imapproxy IMAP proxy 1.2.2 allow remote att...

Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1...

The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.

A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified ...

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same ...

Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an ...

Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP res...

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML ...

RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filen...

Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to execute arbitrary code via a long URL.

Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword p...

Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the ...

sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter.

delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters.

PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the...

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

Einstein 1.0 stores credit card information in plaintext in the world-readable wallets.dat file, which allows local users to steal the information.

Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.

Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via...

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed ima...

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image pro...

Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not properly initialize the "Change Credentials for Database" window, which allows ...

Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to ...

Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via form...

Cross-site scripting (XSS) vulnerability in the News module for paBox 1.6 allows remote attackers to inject arbitrary web script or HTML via the text ...

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish...

Unknown vulnerability in HTTP Anti Virus Proxy (HAVP) before 0.51 prevents viruses from being properly detected in certain files such as (1) .CAB or (...

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to u...

Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP pac...

Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetooth nickname.

Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary ...

PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote attackers to execute arbitrary PHP code by modifyin...

Cross-site scripting (XSS) vulnerability in fusion_core.php for PHP-Fusion 5.x allows remote attackers to inject arbitrary web script or HTML via a me...

nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, which allows attackers to cause a denial of service (kernel crash) via a buffer over...

Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of ...

Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlock...

Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via...

Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script...

Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with ...

PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP ...

Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf support enabled, allows remote attackers to execute arbitrary code via a large image f...

includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the URL or (2) the template paramet...

Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privil...

Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attackers to cause a denial of service (client or server crash) and execute arbitrary ...

Hosting Controller 6.1 Hotfix 1.7 and earlier stores log files under the web root, which allows remote attackers to obtain sensitive information via a...

The password recovery feature (forgotpassword.asp) in Hosting Controller 6.1 Hotfix 1.7 and earlier allows remote attackers to determine the owner's e...

SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 allows remote attackers to execute arbitrary SQL comm...

PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PA...

The export_index action in myadmin.php for Aztek Forum 4.0 allows remote attackers to obtain database files, possibly by setting the ATK_ADMIN cookie.

Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via "\\.\\.." (modifi...

SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum message...

Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.03...

eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to modules.php without any parameters, which leaks t...

Multiple buffer overflows in the SDL port of abuse (abuse-SDL) before 2.00 allow local users to execute arbitrary code via the command line.

The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop privileges before creating certain files, which allows local users to create or o...

Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-C...

Multiple access validation errors in OutStart Participate Enterprise (PE) allow remote attackers to (1) browse arbitrary directory trees by modifying ...

Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrary code via a long DELE command. NOTE: this issue w...

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allo...

PHP remote file inclusion vulnerability in admin/header.php in PHP mcNews 1.3 allows remote attackers to execute arbitrary PHP code by modifying the s...

Cross-site scripting (XSS) vulnerability in the jumpmenu function in functions.php for paFileDB 3.1 and earlier allows remote attackers to inject arbi...

SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote attackers to execute arbit...

Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username p...

ApplyYourself i-Class allows remote attackers to obtain sensitive information about their own applications by reusing the hidden ID field, as demonstr...

Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (proce...

Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of e...

UTStarcom iAN-02EX VoIP Analog Terminal Adaptor (ATA) allows local users to bypass ATA access restrictions by dialing "*#26845#" and causing a device ...

PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to Fi...

PHP remote file inclusion vulnerability in initdb.php for WEBInsta Mailing list manager 1.3d allows remote attackers to execute arbitrary PHP code by ...

SQL injection vulnerability in member.php and possibly other scripts in PhotoPost PHP 5.0 RC3 allows remote attackers to execute arbitrary SQL command...

Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash).

paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) auth.php, (2) login.php, (3) category.php...

Directory traversal vulnerability in (1) usercp_register.php and (2) usercp_avatar.php for phpBB 2.0.11, and possibly other versions, with gallery ava...

phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing b...

The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.

Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet ...

Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, ...

Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes...

Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users ...

Unknown vulnerability in Information Resource Manager (IRM) before 1.5.2.1 allows remote attackers to have "potentially serious" impact, related to LD...

The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows loc...

Directory traversal vulnerability in SD Server 4.0.70 and earlier allows remote attackers to read arbitrary files via .. sequences in an HTTP request.

Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scriptin...

Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arbitrary HTML...

The daemon for fallback-reboot before 0.995 allows attackers to cause a denial of service (daemon exit), possibly related to verbose debug messages wh...

SQL injection vulnerability in gb_new.inc in SimpGB allows remote attackers to execute arbitrary SQL commands via the quote parameter to guestbook.php...

LimeWire 4.1.2 through 4.5.6 allows remote attackers to read arbitrary files by specifying the full pathname in a Gnutella GET request.

Directory traversal vulnerability in LimeWire 3.9.6 through 4.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in a magnet reque...

phpAdsNew 2.0.4 allows remote attackers to obtain sensitive information via a direct request to (1) lib-xmlrpcs.inc.php, (2) maintenance-activation.ph...

Cross-site scripting (XSS) vulnerability in adframe.php in phpAdsNew 2.0.4-pr1, when register_globals is enabled, allows remote attackers to inject ar...

HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified v...

Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd cl...

Race condition in the Radeon DRI driver for Linux kernel 2.6.8.1 allows local users with DRI privileges to execute arbitrary code as root.

SQL injection vulnerability in ZPanel 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter to index.php or (2) pa...

PHP remote file inclusion vulnerability in zpanel.php in ZPanel allows remote attackers to (1) execute arbitrary PHP code in ZPanel 2.0 or (2) include...

ZPanel 2.0 and 2.5 beta 10 does not remove or protect installation scripts after they have been used, which allows remote attackers to reinstall the s...

Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive informa...

Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote atta...

MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use...

Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading local manual under the help menu, which allows lo...

The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass ac...

AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box.

Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute...

Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facil...

ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.

Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file.

Cross-site scripting (XSS) vulnerability in MercuryBoard before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the title fie...

Cross-site scripting (XSS) vulnerability in articles.newcomment for Interspire ArticleLive 2005 allows remote attackers to inject arbitrary web script...

Multiple cross-site scripting (XSS) vulnerabilities in base.php for DigitalHive 2.0 allow remote attackers to inject arbitrary web script or HTML via ...

Eval injection vulnerability in Double Choco Latte before 0.9.4.3 allows remote attackers to execute arbitrary PHP code via the menuAction variable in...

Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi CMS 4.2.3 allows remote attackers to inject arbitrary web script or HTML via th...

Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, possibly involving elements.rb.

Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof leg...

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a ....

Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a ...

Cross-site scripting (XSS) vulnerability in downloadform.php in E-Store Kit-2 PayPal Edition allows remote attackers to inject arbitrary web script or...

marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to obtain sensitive information via an invalid (1) file or (2) category parameter,...

Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the...

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain pr...

Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and pos...

Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via ...

Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) the viewcat parameter to index.p...

Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vuln...

Cross-site scripting (XSS) vulnerability in Adventia E-Data 2.0 allows remote attackers to inject arbitrary web script or HTML via a query keyword.

PHP remote file inclusion vulnerability in The Includer 1.0 and 1.1 allows remote attackers to execute arbitrary PHP code.

SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the (1) term/keywords field on...

Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows remote attackers to read arbitrary files via a (1) ... (triple dot) or (2) ..\ ...

SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL comman...

SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2)...

Cross-site scripting (XSS) vulnerability in hpm_guestbook.cgi allows remote attackers to inject arbitrary web script or HTML by posting a message.

Cross-site scripting (XSS) vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script v...

Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (...

Directory traversal vulnerability in ComGetLogFile.php3 for TrackerCam 5.12 and earlier allows remote attackers to read arbitrary files via ".." seque...

Cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlier allows remote attackers to inject arbitrary HTML or web script via the login r...

TrackerCam 5.12 and earlier allows remote attackers to read log files via the fn parameter in a direct request to the ComGetLogFile.php3 script.

TrackerCam 5.12 and earlier allows remote attackers to cause a denial of service (crash) via (1) a large number of connections with a negative Content...

Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glftpd 1.26 to 2.00 allow remote authenticated users ...

Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to execute arbitrary code via an FTP transfer with a cra...

Cross-site scripting (XSS) vulnerability in comment.php for paNews 2.0b4 for PHP Arena allows remote attackers to inject arbitrary HTML and web script...

Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple user...

Cross-site scripting (XSS) vulnerability in index.php for Kayako ESupport 2.3.1, and possibly other versions, allows remote attackers to inject arbitr...

Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop us...

Bay Technical Associates RPC-3 Telnet Host 3.05 allows remote attackers to bypass authentication by pressing the escape and enter keys at the username...