CVE-2005-4832

Public exploit
SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197.
Max CVSS
7.5
EPSS Score
89.73%
Published
2005-12-31
Updated
2017-07-29

CVE-2005-4734

Public exploit
Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect method.
Max CVSS
6.4
EPSS Score
37.07%
Published
2005-12-31
Updated
2008-09-05

CVE-2005-4560

Public exploit
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.
Max CVSS
7.5
EPSS Score
97.31%
Published
2005-12-28
Updated
2018-10-19

CVE-2005-4411

Public exploit
Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105.
Max CVSS
7.5
EPSS Score
94.46%
Published
2005-12-20
Updated
2017-10-19

CVE-2005-4267

Public exploit
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
Max CVSS
7.5
EPSS Score
96.80%
Published
2005-12-21
Updated
2011-03-07

CVE-2005-4145

Public exploit
The MSDE version of Lyris ListManager 5.0 through 8.9b configures the sa account in the database to use a password with a small search space ("lyris" and up to 5 digits, possibly from the process ID), which allows remote attackers to gain access via a brute force attack.
Max CVSS
6.5
EPSS Score
30.37%
Published
2005-12-10
Updated
2018-10-19

CVE-2005-4085

Public exploit
Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.
Max CVSS
7.5
EPSS Score
57.82%
Published
2005-12-31
Updated
2011-03-08

CVE-2005-3757

Public exploit
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as (1) system-property, (2) sys:getProperty, and (3) run:exec.
Max CVSS
7.5
EPSS Score
44.73%
Published
2005-11-22
Updated
2018-10-19

CVE-2005-3683

Public exploit
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.
Max CVSS
7.5
EPSS Score
70.85%
Published
2005-11-19
Updated
2017-07-11

CVE-2005-3589

Public exploit
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command.
Max CVSS
7.8
EPSS Score
55.87%
Published
2005-11-16
Updated
2018-10-19

CVE-2005-3314

Public exploit
Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."
Max CVSS
7.5
EPSS Score
85.32%
Published
2005-11-18
Updated
2017-07-11

CVE-2005-3252

Public exploit
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
Max CVSS
7.5
EPSS Score
94.82%
Published
2005-10-18
Updated
2011-03-08

CVE-2005-3190

Public exploit
Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.
Max CVSS
7.5
EPSS Score
61.69%
Published
2005-10-13
Updated
2021-04-09

CVE-2005-3155

Public exploit
Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
77.90%
Published
2005-10-05
Updated
2008-09-05

CVE-2005-2877

Public exploit
The history (revision control) function in TWiki 02-Sep-2004 and earlier allows remote attackers to execute arbitrary code via shell metacharacters, as demonstrated via the rev parameter to TWikiUsers.
Max CVSS
7.5
EPSS Score
96.82%
Published
2005-09-16
Updated
2016-10-18

CVE-2005-2847

Public exploit
img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
Max CVSS
7.5
EPSS Score
97.03%
Published
2005-09-08
Updated
2016-10-18

CVE-2005-2799

Public exploit
Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.
Max CVSS
7.5
EPSS Score
70.54%
Published
2005-09-15
Updated
2008-09-05

CVE-2005-2773

Known exploited
Public exploit
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
Max CVSS
7.5
EPSS Score
96.61%
Published
2005-09-02
Updated
2017-07-11
CISA KEV Added
2022-03-25

CVE-2005-2733

Public exploit
upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
91.68%
Published
2005-08-30
Updated
2017-07-11

CVE-2005-2668

Public exploit
Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
95.17%
Published
2005-08-23
Updated
2021-04-14

CVE-2005-2612

Public exploit
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
Max CVSS
7.5
EPSS Score
83.18%
Published
2005-08-17
Updated
2008-09-05

CVE-2005-2611

Public exploit
VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.
Max CVSS
10.0
EPSS Score
97.33%
Published
2005-08-17
Updated
2017-07-11

CVE-2005-2551

Public exploit
Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors.
Max CVSS
7.5
EPSS Score
93.05%
Published
2005-08-12
Updated
2008-09-05

CVE-2005-2535

Public exploit
Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523, a different vulnerability than CVE-2005-0260.
Max CVSS
7.5
EPSS Score
15.44%
Published
2005-08-10
Updated
2021-05-20

CVE-2005-2373

Public exploit
Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.
Max CVSS
7.2
EPSS Score
13.09%
Published
2005-07-26
Updated
2016-10-18
59 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!