|
346441
|
- |
|
arc
|
arc
|
arc 5.21j and earlier create temporary files with world-readable permissions, which allows local users to read sensitive information from files created by (1) arc (arc.c) or (2) marc (marc.c).
|
NVD-CWE-Other
|
CVE-2005-2945
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346442
|
- |
|
-
|
-
|
KillProcess 2.20 and earlier allows local users to bypass kill list restrictions by launching multiple processes at the same time, which are not all killed by KillProcess.
|
NVD-CWE-Other
|
CVE-2005-2948
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346443
|
- |
|
mark_d._roth
|
pam_per_user
|
pam_per_user before 0.4 does not verify if the user name changes between authentication attempts and uses the same subrequest handle, which allows remote attackers or local users to login as other us…
|
NVD-CWE-Other
|
CVE-2005-2949
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346444
|
- |
|
miva
|
miva_merchant
|
Cross-site scripting (XSS) vulnerability in merchant.mvc in MIVA Merchant 5 allows remote attackers to inject arbitrary web script or HTML via the Customer_Login parameter.
|
NVD-CWE-Other
|
CVE-2005-2953
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346445
|
- |
|
adaptive_technology_resource_centre
|
atutor
|
config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute a…
|
NVD-CWE-Other
|
CVE-2005-2955
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346446
|
- |
|
adaptive_technology_resource_centre
|
atutor
|
ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain…
|
NVD-CWE-Other
|
CVE-2005-2956
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346447
|
- |
|
avira
|
desktop
|
Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename…
|
NVD-CWE-Other
|
CVE-2005-2957
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346448
|
- |
|
compaq
|
compaqhttpserver
|
Cross-site scripting (XSS) vulnerability in CompaqHTTPServer 2.1 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting 404 error pa…
|
NVD-CWE-Other
|
CVE-2005-2982
|
2016-10-18 12:31 |
2005-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346449
|
- |
|
oracle
|
reports
|
SQL injection vulnerability in Oracle Reports that use Lexical References allows remote attackers to execute arbitrary SQL commands via the values in the parameter form that appears when the paramfor…
|
CWE-89
SQL Injection
|
CVE-2005-2983
|
2016-10-18 12:31 |
2005-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346450
|
- |
|
symantec
|
norton_antivirus
|
Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.…
|
NVD-CWE-Other
|
CVE-2005-2766
|
2016-10-18 12:30 |
2005-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
