Security Vulnerabilities, CVEs, Published In November 2005
CVE-2005-3757
Public exploit
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as (1) system-property, (2) sys:getProperty, and (3) run:exec.
Max CVSS
7.5
EPSS Score
44.73%
Published
2005-11-22
Updated
2018-10-19
CVE-2005-3683
Public exploit
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.
Max CVSS
7.5
EPSS Score
70.85%
Published
2005-11-19
Updated
2017-07-11
CVE-2005-3589
Public exploit
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command.
Max CVSS
7.8
EPSS Score
55.87%
Published
2005-11-16
Updated
2018-10-19
CVE-2005-3498
Public exploit
IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack V6.0.2.5, when session trace is enabled, records a full URL including the queryString in the trace logs when an application encodes a URL, which could allow attackers to obtain sensitive information.
Max CVSS
4.3
EPSS Score
0.37%
Published
2005-11-04
Updated
2018-09-26
CVE-2005-3398
Public exploit
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.
Max CVSS
4.3
EPSS Score
0.80%
Published
2005-11-01
Updated
2018-10-30
CVE-2005-3314
Public exploit
Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."
Max CVSS
7.5
EPSS Score
85.32%
Published
2005-11-18
Updated
2017-07-11
6 vulnerabilities found