Security Vulnerabilities, CVEs, Published In November 2005
Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 allow remote attackers to read arbitrary files and execute commands via (1) the suck_url parameter to tiki-editpage.php or (2) language parameter to tiki-user_preferences.php.
Max CVSS
7.5
EPSS Score
1.35%
Published
2005-11-18
Updated
2017-07-11
Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord.
Max CVSS
7.5
EPSS Score
39.70%
Published
2005-11-29
Updated
2018-10-12
Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability."
Max CVSS
7.6
EPSS Score
96.26%
Published
2005-11-29
Updated
2018-10-12
Cross-site scripting (XSS) vulnerability in the Unicode version of msearch (unicode-msearch) 1.51(U1)-beta1, 1.51(U1), and 1.52(U1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.14%
Published
2005-11-21
Updated
2008-09-05
Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
Max CVSS
5.1
EPSS Score
93.88%
Published
2005-11-05
Updated
2018-10-19
Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481.
Max CVSS
5.1
EPSS Score
21.91%
Published
2005-11-18
Updated
2018-05-03
Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094.
Max CVSS
5.1
EPSS Score
45.81%
Published
2005-11-18
Updated
2017-07-11
Buffer overflow in the LZX decompression in CHM Lib (chmlib) 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.58%
Published
2005-11-16
Updated
2008-09-10
The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-11-20
Updated
2018-10-19
Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password.
Max CVSS
2.1
EPSS Score
0.21%
Published
2005-11-01
Updated
2017-07-11
Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability.
Max CVSS
2.1
EPSS Score
0.07%
Published
2005-11-01
Updated
2017-07-11
Software Update in Mac OS X 10.4.2, when the user marks all updates to be ignored, exits without asking the user to reset the status of the updates, which could prevent important, security-relevant updates from being installed.
Max CVSS
2.1
EPSS Score
0.07%
Published
2005-11-01
Updated
2017-07-11
memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group.
Max CVSS
2.1
EPSS Score
0.07%
Published
2005-11-01
Updated
2017-07-11
An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406.
Max CVSS
2.1
EPSS Score
0.07%
Published
2005-11-01
Updated
2011-03-08
Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string.
Max CVSS
5.1
EPSS Score
1.82%
Published
2005-11-05
Updated
2018-10-19
Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes."
Max CVSS
5.1
EPSS Score
1.82%
Published
2005-11-05
Updated
2018-10-19
Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service (crash) via a crafted file with a missing movie attribute, which leads to a null dereference.
Max CVSS
2.6
EPSS Score
0.58%
Published
2005-11-05
Updated
2018-10-19
Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion.
Max CVSS
5.1
EPSS Score
15.62%
Published
2005-11-05
Updated
2018-10-19
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
Max CVSS
7.5
EPSS Score
1.79%
Published
2005-11-18
Updated
2018-10-19
Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, and RealPlayer 8 before 20060322 might allow local users to gain privileges via a malicious C:\program.exe file.
Max CVSS
7.2
EPSS Score
0.18%
Published
2005-11-18
Updated
2011-05-19
Unquoted Windows search path vulnerability in iTunesHelper.exe in iTunes 4.7.1.30 and iTunes 5 for Windows might allow local users to gain privileges via a malicious C:\program.exe file.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-11-18
Updated
2011-03-10
Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-11-18
Updated
2008-09-05
Unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 (Beta 1) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, involving the programs (1) GIANTAntiSpywareMain.exe, (2) gcASNotice.exe, (3) gcasServ.exe, (4) gcasSWUpdater.exe, or (5) GIANTAntiSpywareUpdater.exe. NOTE: it is not clear whether this overlaps CVE-2005-2935.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-11-18
Updated
2008-09-05
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
Max CVSS
2.6
EPSS Score
3.35%
Published
2005-11-04
Updated
2023-02-13
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
Max CVSS
7.8
EPSS Score
0.87%
Published
2005-11-18
Updated
2023-08-11