CVE-2005-4832

Public exploit
SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197.
Max CVSS
7.5
EPSS Score
89.73%
Published
2005-12-31
Updated
2017-07-29

CVE-2005-4797

Public exploit
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.
Max CVSS
5.0
EPSS Score
96.19%
Published
2005-12-31
Updated
2018-10-30

CVE-2005-4734

Public exploit
Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect method.
Max CVSS
6.4
EPSS Score
37.07%
Published
2005-12-31
Updated
2008-09-05

CVE-2005-4560

Public exploit
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.
Max CVSS
7.5
EPSS Score
97.31%
Published
2005-12-28
Updated
2018-10-19

CVE-2005-4411

Public exploit
Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105.
Max CVSS
7.5
EPSS Score
94.46%
Published
2005-12-20
Updated
2017-10-19

CVE-2005-4267

Public exploit
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
Max CVSS
7.5
EPSS Score
96.80%
Published
2005-12-21
Updated
2011-03-07

CVE-2005-4145

Public exploit
The MSDE version of Lyris ListManager 5.0 through 8.9b configures the sa account in the database to use a password with a small search space ("lyris" and up to 5 digits, possibly from the process ID), which allows remote attackers to gain access via a brute force attack.
Max CVSS
6.5
EPSS Score
30.37%
Published
2005-12-10
Updated
2018-10-19

CVE-2005-4085

Public exploit
Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.
Max CVSS
7.5
EPSS Score
57.82%
Published
2005-12-31
Updated
2011-03-08

CVE-2005-3757

Public exploit
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as (1) system-property, (2) sys:getProperty, and (3) run:exec.
Max CVSS
7.5
EPSS Score
44.73%
Published
2005-11-22
Updated
2018-10-19

CVE-2005-3683

Public exploit
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.
Max CVSS
7.5
EPSS Score
70.85%
Published
2005-11-19
Updated
2017-07-11

CVE-2005-3589

Public exploit
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command.
Max CVSS
7.8
EPSS Score
55.87%
Published
2005-11-16
Updated
2018-10-19

CVE-2005-3498

Public exploit
IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack V6.0.2.5, when session trace is enabled, records a full URL including the queryString in the trace logs when an application encodes a URL, which could allow attackers to obtain sensitive information.
Max CVSS
4.3
EPSS Score
0.37%
Published
2005-11-04
Updated
2018-09-26

CVE-2005-3398

Public exploit
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.
Max CVSS
4.3
EPSS Score
0.80%
Published
2005-11-01
Updated
2018-10-30

CVE-2005-3314

Public exploit
Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."
Max CVSS
7.5
EPSS Score
85.32%
Published
2005-11-18
Updated
2017-07-11

CVE-2005-3252

Public exploit
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
Max CVSS
7.5
EPSS Score
94.82%
Published
2005-10-18
Updated
2011-03-08

CVE-2005-3190

Public exploit
Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.
Max CVSS
7.5
EPSS Score
61.69%
Published
2005-10-13
Updated
2021-04-09

CVE-2005-3155

Public exploit
Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
77.90%
Published
2005-10-05
Updated
2008-09-05

CVE-2005-2877

Public exploit
The history (revision control) function in TWiki 02-Sep-2004 and earlier allows remote attackers to execute arbitrary code via shell metacharacters, as demonstrated via the rev parameter to TWikiUsers.
Max CVSS
7.5
EPSS Score
96.82%
Published
2005-09-16
Updated
2016-10-18

CVE-2005-2852

Public exploit
Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm.
Max CVSS
5.0
EPSS Score
50.85%
Published
2005-09-08
Updated
2008-09-05

CVE-2005-2847

Public exploit
img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
Max CVSS
7.5
EPSS Score
97.03%
Published
2005-09-08
Updated
2016-10-18

CVE-2005-2799

Public exploit
Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.
Max CVSS
7.5
EPSS Score
70.54%
Published
2005-09-15
Updated
2008-09-05

CVE-2005-2773

Known exploited
Public exploit
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
Max CVSS
7.5
EPSS Score
96.61%
Published
2005-09-02
Updated
2017-07-11
CISA KEV Added
2022-03-25

CVE-2005-2733

Public exploit
upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
91.68%
Published
2005-08-30
Updated
2017-07-11

CVE-2005-2668

Public exploit
Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
95.17%
Published
2005-08-23
Updated
2021-04-14

CVE-2005-2612

Public exploit
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
Max CVSS
7.5
EPSS Score
83.18%
Published
2005-08-17
Updated
2008-09-05
72 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!