Security Vulnerabilities, CVEs, Published In December 2005
CVE-2005-4832
Public exploit
SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197.
Max CVSS
7.5
EPSS Score
89.73%
Published
2005-12-31
Updated
2017-07-29
CVE-2005-4797
Public exploit
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.
Max CVSS
5.0
EPSS Score
96.19%
Published
2005-12-31
Updated
2018-10-30
CVE-2005-4734
Public exploit
Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect method.
Max CVSS
6.4
EPSS Score
37.07%
Published
2005-12-31
Updated
2008-09-05
CVE-2005-4560
Public exploit
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.
Max CVSS
7.5
EPSS Score
97.36%
Published
2005-12-28
Updated
2018-10-19
CVE-2005-4411
Public exploit
Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105.
Max CVSS
7.5
EPSS Score
94.46%
Published
2005-12-20
Updated
2017-10-19
CVE-2005-4267
Public exploit
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
Max CVSS
7.5
EPSS Score
96.80%
Published
2005-12-21
Updated
2011-03-07
CVE-2005-4145
Public exploit
The MSDE version of Lyris ListManager 5.0 through 8.9b configures the sa account in the database to use a password with a small search space ("lyris" and up to 5 digits, possibly from the process ID), which allows remote attackers to gain access via a brute force attack.
Max CVSS
6.5
EPSS Score
30.37%
Published
2005-12-10
Updated
2018-10-19
CVE-2005-4085
Public exploit
Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.
Max CVSS
7.5
EPSS Score
57.82%
Published
2005-12-31
Updated
2011-03-08
8 vulnerabilities found