Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1329 | 1 Oneworldstore | 1 Oneworldstore | 2008-09-05 | 5.0 MEDIUM | N/A |
| owOfflineCC.asp in OneWorldStore allows remote attackers to obtain sensitive information by modifying the idOrder parameter. | |||||
| CVE-2005-1330 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 4.9 MEDIUM | N/A |
| AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. | |||||
| CVE-2005-1332 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.5 HIGH | N/A |
| Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. | |||||
| CVE-2005-1333 | 1 Apple | 1 Mac Os X | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files. | |||||
| CVE-2005-1335 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.2 HIGH | N/A |
| Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner." | |||||
| CVE-2005-1336 | 1 Apple | 1 Mac Os X | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. | |||||
| CVE-2005-1337 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.5 HIGH | N/A |
| Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. | |||||
| CVE-2005-1338 | 1 Apple | 1 Mac Os X | 2008-09-05 | 4.6 MEDIUM | N/A |
| Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext. | |||||
| CVE-2005-1339 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.5 HIGH | N/A |
| lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name. | |||||
| CVE-2005-1340 | 1 Apple | 1 Mac Os X | 2008-09-05 | 7.5 HIGH | N/A |
| The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy. | |||||
| CVE-2005-1343 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument. | |||||
| CVE-2005-1346 | 1 Symantec | 7 Antivirus Scan Engine, Mail Security, Norton Antivirus and 4 more | 2008-09-05 | 2.6 LOW | N/A |
| Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file. | |||||
| CVE-2005-0682 | 1 Drupal | 1 Drupal | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in common.inc in Drupal before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via certain inputs. | |||||
| CVE-2005-0686 | 1 Mlterm | 1 Mlterm | 2008-09-05 | 7.5 HIGH | N/A |
| Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf support enabled, allows remote attackers to execute arbitrary code via a large image file that is used as a background. | |||||
| CVE-2005-0687 | 1 Hashcash | 1 Hashcash | 2008-09-05 | 7.5 HIGH | N/A |
| Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header. | |||||
| CVE-2005-0693 | 1 Jowood Productions | 1 Chaser | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attackers to cause a denial of service (client or server crash) and execute arbitrary code via a long nickname. | |||||
| CVE-2005-0697 | 1 Brt | 1 Copperexport | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 allows remote attackers to execute arbitrary SQL commands, possibly via the (1) title, (2) caption, or (3) keywords parameters. | |||||
| CVE-2005-0698 | 1 Jason Hines | 1 Phpweblog | 2008-09-05 | 4.6 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code. | |||||
| CVE-2005-0700 | 1 Aztek Forum | 1 Aztek Forum | 2008-09-05 | 5.0 MEDIUM | N/A |
| The export_index action in myadmin.php for Aztek Forum 4.0 allows remote attackers to obtain database files, possibly by setting the ATK_ADMIN cookie. | |||||
| CVE-2005-0702 | 1 Phpmyfaq | 1 Phpmyfaq | 2008-09-05 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages. | |||||