TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.
Max CVSS
7.5
EPSS Score
0.76%
Published
2005-12-31
Updated
2017-08-08
Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23rc1 might allow context-dependent attackers to execute arbitrary code via vectors that result in long function parameters, as demonstrated by the cups_get_dest_options function in phpcups.c.
Max CVSS
7.5
EPSS Score
0.47%
Published
2005-12-31
Updated
2017-08-08
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service.
Max CVSS
7.1
EPSS Score
0.04%
Published
2005-12-31
Updated
2024-02-16
Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter.
Max CVSS
9.3
EPSS Score
25.65%
Published
2005-12-31
Updated
2017-07-29
Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow.
Max CVSS
6.8
EPSS Score
0.86%
Published
2005-12-31
Updated
2017-07-29
Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.
Max CVSS
10.0
EPSS Score
25.84%
Published
2005-12-31
Updated
2017-07-29
Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-12-31
Updated
2017-07-29
Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-12-31
Updated
2017-07-29
The search functionality in XWiki 0.9.793 indexes cleartext user passwords, which allows remote attackers to obtain sensitive information via a search string that matches a password.
Max CVSS
5.0
EPSS Score
0.19%
Published
2005-12-31
Updated
2008-09-05
functions.php in Ragnarok Online Control Panel (ROCP) 4.3.4a allows remote attackers to bypass authentication by requesting account_manage.php with a trailing "/login.php" PHP_SELF value, which is not properly handled by the CHECK_AUTH function.
Max CVSS
7.5
EPSS Score
0.33%
Published
2005-12-31
Updated
2008-09-05
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password.
Max CVSS
7.8
EPSS Score
0.04%
Published
2005-12-31
Updated
2024-02-14
mimicboard2 (Mimic2) 086 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mimic2.dat.
Max CVSS
6.4
EPSS Score
0.34%
Published
2005-12-31
Updated
2008-09-05
The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051110 does not properly handle authorization errors, which allows remote attackers to obtain sensitive information and see the admin pagelayout and associated templates via a request with (1) "anything after the url" or (2) a "wrong url".
Max CVSS
5.0
EPSS Score
0.20%
Published
2005-12-31
Updated
2015-07-28
eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders.
Max CVSS
5.0
EPSS Score
0.20%
Published
2005-12-31
Updated
2015-07-28
The default configuration of the forum package in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050818 does not restrict edit permissions to a posting's owner, which allows remote authenticated users to edit arbitrary postings.
Max CVSS
9.4
EPSS Score
0.19%
Published
2005-12-31
Updated
2015-07-28
The siteaccess URIMatching implementation in eZ publish 3.5 through 3.8 before 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote attackers to bypass access restrictions by inserting certain characters in a URI, as demonstrated by a request for /admin:de, which matches a rule allowing only /admin_de to access /admin.
Max CVSS
5.0
EPSS Score
0.11%
Published
2005-12-31
Updated
2018-09-27
eZ publish 3.5 through 3.7 before 20050608 requires both edit and create permissions in order to submit data, which allows remote attackers to edit data submitted by arbitrary anonymous users.
Max CVSS
5.0
EPSS Score
0.14%
Published
2005-12-31
Updated
2019-07-31
Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information.
Max CVSS
5.0
EPSS Score
0.05%
Published
2005-12-31
Updated
2008-09-05
Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets.
Max CVSS
7.5
EPSS Score
9.25%
Published
2005-12-31
Updated
2017-07-29
Unspecified vulnerability in Spey 0.3.3 has unknown impact and attack vectors related to "A number of security holes which could lead to compromise," a different issue than CVE-2005-4846.
Max CVSS
10.0
EPSS Score
0.26%
Published
2005-12-31
Updated
2008-09-10
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
Max CVSS
5.0
EPSS Score
0.19%
Published
2005-12-31
Updated
2009-08-28
The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
Max CVSS
7.1
EPSS Score
2.42%
Published
2005-12-31
Updated
2021-07-23
The SmartConnect Class control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
Max CVSS
7.8
EPSS Score
2.51%
Published
2005-12-31
Updated
2021-07-23
The System Monitor Source Properties control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
Max CVSS
7.1
EPSS Score
2.42%
Published
2005-12-31
Updated
2021-07-23
The Outlook Progress Ctl control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
Max CVSS
7.1
EPSS Score
2.42%
Published
2005-12-31
Updated
2021-07-23
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!