|
279821
|
- |
|
winace
|
winace
|
Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2005-2856
|
2018-10-20 00:33 |
2005-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279822
|
- |
|
gnu
redhat
|
tar
enterprise_linux
enterprise_linux_desktop
linux_advanced_workstation
|
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwr…
|
CWE-22
Path Traversal
|
CVE-2005-1918
|
2018-10-20 00:32 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279823
|
- |
|
squirrelmail
|
gpg_plugin
|
The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in g…
|
NVD-CWE-Other
|
CVE-2005-1924
|
2018-10-20 00:32 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279824
|
- |
|
rob_flynn
|
gaim
|
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness err…
|
NVD-CWE-Other
|
CVE-2005-1934
|
2018-10-20 00:32 |
2005-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279825
|
- |
|
todd_miller
|
sudo
|
Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.
|
NVD-CWE-Other
|
CVE-2005-1993
|
2018-10-20 00:32 |
2005-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279826
|
- |
|
jboss
|
jboss
|
JBOSS 3.2.2 through 3.2.7 and 4.0.2 allows remote attackers to obtain sensitive information via a GET request (1) with a "%." (percent dot), which reveals the installation path or (2) with a % (perce…
|
NVD-CWE-Other
|
CVE-2005-2006
|
2018-10-20 00:32 |
2005-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279827
|
- |
|
duware
|
duforum
|
Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the (1) iMsg parameter to messages.asp, iFor pa…
|
NVD-CWE-Other
|
CVE-2005-2048
|
2018-10-20 00:32 |
2005-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279828
|
- |
|
hosting_controller
|
hosting_controller
|
Cross-site scripting (XSS) vulnerability in error.asp for Hosting Controller allows remote attackers to inject arbitrary web script or HTML via the error parameter.
|
NVD-CWE-Other
|
CVE-2005-2077
|
2018-10-20 00:32 |
2005-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279829
|
- |
|
kde
xpdf
|
kpdf
xpdf
|
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, whic…
|
NVD-CWE-Other
|
CVE-2005-2097
|
2018-10-20 00:32 |
2005-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279830
|
- |
|
linux
|
linux_kernel
|
The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remot…
|
NVD-CWE-Other
|
CVE-2005-2098
|
2018-10-20 00:32 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
