Логотип exploitDog
source:"nvd"
Консоль
Логотип exploitDog

exploitDog

source:"nvd"

Количество 331 614

Количество 331 614

nvd логотип

CVE-2005-1213

больше 20 лет назад

Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.

CVSS2: 7.5
EPSS: Высокий
nvd логотип

CVE-2005-1212

больше 20 лет назад

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.

CVSS2: 7.5
EPSS: Средний
nvd логотип

CVE-2005-1211

больше 20 лет назад

Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.

CVSS2: 5.1
EPSS: Средний
nvd логотип

CVE-2005-1208

больше 20 лет назад

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.

CVSS2: 10
EPSS: Средний
nvd логотип

CVE-2005-1207

больше 20 лет назад

Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters.

CVSS2: 7.2
EPSS: Низкий
nvd логотип

CVE-2005-1206

больше 20 лет назад

Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."

CVSS2: 7.5
EPSS: Средний
nvd логотип

CVE-2005-1205

больше 20 лет назад

The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

CVSS2: 5
EPSS: Средний
nvd логотип

CVE-2005-1204

почти 21 год назад

Desktop Rover 3.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a crafted packet to TCP port 61427, which causes an invalid memory access.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2005-1203

почти 21 год назад

Multiple SQL injection vulnerabilities in index.php in eGroupware before 1.0.0.007 allow remote attackers to execute arbitrary SQL commands via the (1) filter or (2) cats_app parameter.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2005-1202

почти 21 год назад

Multiple cross-site scripting (XSS) vulnerabilities in eGroupware before 1.0.0.007 allow remote attackers to inject arbitrary web script or HTML via the (1) ab_id, (2) page, (3) type, or (4) lang parameter to index.php or (5) category_id parameter.

CVSS2: 6.8
EPSS: Низкий
nvd логотип

CVE-2005-1201

почти 21 год назад

Multiple directory traversal vulnerabilities in AZ Bulletin board (AZbb) before 1.0.08 allow (1) remote authenticated users with administrative privileges to delete arbitrary files via a .. (dot dot) in the URL to admin_avatar.php or admin_attachment.php or (2) remote attackers to enumerate files via a .. (dot dot) in the attachment parameter to attachment.php, which displays a different message when a file exists or does not exist.

CVSS2: 6.4
EPSS: Средний
nvd логотип

CVE-2005-1200

почти 21 год назад

PHP remote file inclusion vulnerability in main_index.php in AZ Bulletin Board (AZbb) 1.0.07a through 1.0.07c allows remote attackers to execute arbitrary PHP code by modifying the (1) dir_src or (2) abs_layer parameter to reference a URL on a remote web server that contains the code.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2005-1199

почти 21 год назад

SQL injection vulnerability in printthread.php in UBB.Threads allows remote attackers to execute arbitrary SQL commands via the main parameter.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2005-1198

почти 21 год назад

Directory traversal vulnerability in apexec.pl for Anaconda Foundation Directory allows remote attackers to read arbitrary files via hex-encoded null characters (%00) in the middle of ".." sequences in the template parameter.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2005-1197

почти 21 год назад

SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2005-1196

почти 21 год назад

SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote attackers to obtain sensitive information and execute SQL commands via the cat parameter.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2005-1195

почти 21 год назад

Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2005-1194

почти 21 год назад

Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.

CVSS2: 4.6
EPSS: Низкий
nvd логотип

CVE-2005-1193

больше 20 лет назад

The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB before 2.0.15, as used in viewtopic.php, privmsg.php, and other scripts, allow remote attackers to execute arbitrary script via a BBcode tag with a (1) javascript:, (2) applet:, (3) about:, (4) activex:, (5) chrome:, or (6) script: URI scheme, as demonstrated using the URL tag.

CVSS2: 7.5
EPSS: Средний
nvd логотип

CVE-2005-1192

почти 21 год назад

Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.

CVSS2: 5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2005-1213

Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.

CVSS2: 7.5
84%
Высокий
больше 20 лет назад
nvd логотип
CVE-2005-1212

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.

CVSS2: 7.5
35%
Средний
больше 20 лет назад
nvd логотип
CVE-2005-1211

Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.

CVSS2: 5.1
43%
Средний
больше 20 лет назад
nvd логотип
CVE-2005-1208

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.

CVSS2: 10
38%
Средний
больше 20 лет назад
nvd логотип
CVE-2005-1207

Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters.

CVSS2: 7.2
1%
Низкий
больше 20 лет назад
nvd логотип
CVE-2005-1206

Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."

CVSS2: 7.5
47%
Средний
больше 20 лет назад
nvd логотип
CVE-2005-1205

The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

CVSS2: 5
43%
Средний
больше 20 лет назад
nvd логотип
CVE-2005-1204

Desktop Rover 3.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a crafted packet to TCP port 61427, which causes an invalid memory access.

CVSS2: 5
10%
Низкий
почти 21 год назад
nvd логотип
CVE-2005-1203

Multiple SQL injection vulnerabilities in index.php in eGroupware before 1.0.0.007 allow remote attackers to execute arbitrary SQL commands via the (1) filter or (2) cats_app parameter.

CVSS2: 7.5
4%
Низкий
почти 21 год назад
nvd логотип
CVE-2005-1202

Multiple cross-site scripting (XSS) vulnerabilities in eGroupware before 1.0.0.007 allow remote attackers to inject arbitrary web script or HTML via the (1) ab_id, (2) page, (3) type, or (4) lang parameter to index.php or (5) category_id parameter.

CVSS2: 6.8
8%
Низкий
почти 21 год назад
nvd логотип
CVE-2005-1201

Multiple directory traversal vulnerabilities in AZ Bulletin board (AZbb) before 1.0.08 allow (1) remote authenticated users with administrative privileges to delete arbitrary files via a .. (dot dot) in the URL to admin_avatar.php or admin_attachment.php or (2) remote attackers to enumerate files via a .. (dot dot) in the attachment parameter to attachment.php, which displays a different message when a file exists or does not exist.

CVSS2: 6.4
11%
Средний
почти 21 год назад
nvd логотип
CVE-2005-1200

PHP remote file inclusion vulnerability in main_index.php in AZ Bulletin Board (AZbb) 1.0.07a through 1.0.07c allows remote attackers to execute arbitrary PHP code by modifying the (1) dir_src or (2) abs_layer parameter to reference a URL on a remote web server that contains the code.

CVSS2: 7.5
3%
Низкий
почти 21 год назад
nvd логотип
CVE-2005-1199

SQL injection vulnerability in printthread.php in UBB.Threads allows remote attackers to execute arbitrary SQL commands via the main parameter.

CVSS2: 7.5
0%
Низкий
почти 21 год назад
nvd логотип
CVE-2005-1198

Directory traversal vulnerability in apexec.pl for Anaconda Foundation Directory allows remote attackers to read arbitrary files via hex-encoded null characters (%00) in the middle of ".." sequences in the template parameter.

CVSS2: 5
0%
Низкий
почти 21 год назад
nvd логотип
CVE-2005-1197

SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter.

CVSS2: 7.5
1%
Низкий
почти 21 год назад
nvd логотип
CVE-2005-1196

SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote attackers to obtain sensitive information and execute SQL commands via the cat parameter.

CVSS2: 7.5
0%
Низкий
почти 21 год назад
nvd логотип
CVE-2005-1195

Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code.

CVSS2: 7.5
2%
Низкий
почти 21 год назад
nvd логотип
CVE-2005-1194

Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.

CVSS2: 4.6
0%
Низкий
почти 21 год назад
nvd логотип
CVE-2005-1193

The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB before 2.0.15, as used in viewtopic.php, privmsg.php, and other scripts, allow remote attackers to execute arbitrary script via a BBcode tag with a (1) javascript:, (2) applet:, (3) about:, (4) activex:, (5) chrome:, or (6) script: URI scheme, as demonstrated using the URL tag.

CVSS2: 7.5
34%
Средний
больше 20 лет назад
nvd логотип
CVE-2005-1192

Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.

CVSS2: 5
2%
Низкий
почти 21 год назад

Уязвимостей на страницу