CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In October 2005(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2005-3318 Exec Code Overflow 2005-10-27 2017-07-19
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in the _chm_decompress_block function in CHM lib (chmlib) before 0.37, as used in products such as KchmViewer, allows attackers to execute arbitrary code, a different vulnerability than CVE-2005-2930.
2 CVE-2005-3317 119 Exec Code Overflow 2005-10-27 2009-03-25
7.5
None Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041, and other versions before 6.0.2.1050, allow remote attackers to execute arbitrary code via (1) a ZIP archive that contains a file with a long filename, which is not properly handled by (a) zipgenius.exe, (b) zg.exe, (c) zgtips.dll, and (d) contmenu.dll; (2) a long original name in a (a) UUE, (b) XXE, or (c) MIM file, which is not properly handled by zipgenius.exe; or (3) an ACE archive with a file with a long filename, which is not properly handled by unacev2.dll.
3 CVE-2005-3298 Exec Code Overflow 2005-10-23 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.
4 CVE-2005-3297 Exec Code Overflow 2005-10-23 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.
5 CVE-2005-3284 Exec Code Overflow 2005-10-23 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and MyV3, with compressed file scanning enabled, allow remote attackers to execute arbitrary code via crafted (1) ALZ, (2) UUE, or (3) XXE archives.
6 CVE-2005-3279 Overflow +Priv 2005-10-23 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the vgasco_printf function in Jan Kybic BitMap Viewer (BMV) 1.2, when compiled with the M_UNIX flag and running setuid, allows local users to gain privileges via a long filename in the -b command line option.
7 CVE-2005-3278 Exec Code Overflow 2005-10-23 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Integer overflow in the openpsfile function in gsinterf.c for Jan Kybic BitMap Viewer (BMV) 1.2 allows local users to execute arbitrary code via a PostScript (PS) file containing a large number of pages value, which leads to a resultant buffer overflow.
8 CVE-2005-3269 119 DoS Overflow +Priv 2005-10-20 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.
9 CVE-2005-3267 189 DoS Overflow 2005-10-27 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter value, which leads to a resultant heap-based buffer overflow.
10 CVE-2005-3265 119 Exec Code Overflow 2005-10-27 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine.
11 CVE-2005-3263 Exec Code Overflow 2005-10-20 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name.
12 CVE-2005-3252 Exec Code Overflow 2005-10-18 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
13 CVE-2005-3243 Exec Code Overflow 2005-10-27 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
14 CVE-2005-3197 Exec Code Overflow 2005-10-14 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list.
15 CVE-2005-3194 Exec Code Overflow 2005-10-14 2017-07-11
5.1
None Remote High Not required Partial Partial Partial
Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive.
16 CVE-2005-3190 Exec Code Overflow 2005-10-13 2021-04-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.
17 CVE-2005-3185 119 Exec Code Overflow 2005-10-13 2018-10-03
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.
18 CVE-2005-3184 Exec Code Overflow 2005-10-20 2017-10-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
19 CVE-2005-3182 Exec Code Overflow 2005-10-20 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.
20 CVE-2005-3178 Exec Code Overflow 2005-10-07 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.
21 CVE-2005-3172 Overflow 2005-10-06 2008-09-05
5.0
None Remote Low Not required None None Partial
The WideCharToMultiByte function in Microsoft Windows 2000 before Update Rollup 1 for SP4 does not properly convert strings with Japanese composite characters in the last character, which could prevent the string from being null terminated and lead to data corruption or enable buffer overflow attacks.
22 CVE-2005-3155 Exec Code Overflow 2005-10-05 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.
23 CVE-2005-3151 Exec Code Overflow 2005-10-05 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument.
24 CVE-2005-3142 Exec Code Overflow 2005-10-05 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.
25 CVE-2005-3135 Exec Code Overflow 2005-10-04 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename.
26 CVE-2005-3120 Exec Code Overflow 2005-10-17 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
27 CVE-2005-2972 119 Exec Code Overflow 2005-10-23 2018-10-03
5.1
None Remote High Not required Partial Partial Partial
Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the (1) ParseLevelText, (2) getCharsInsideBrace, (3) HandleLists, (4) or (5) HandleAbiLists functions in ie_imp_RTF.cpp, a different vulnerability than CVE-2005-2964.
28 CVE-2005-2971 Exec Code Overflow 2005-10-20 2018-10-03
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
29 CVE-2005-2961 Exec Code Overflow 2005-10-05 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag.
30 CVE-2005-2943 Exec Code Overflow 2005-10-13 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option.
31 CVE-2005-2933 Exec Code Overflow 2005-10-13 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.
32 CVE-2005-2930 119 Exec Code Overflow 2005-10-28 2011-08-02
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_lib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via a CHM file containing a long element, a different vulnerability than CVE-2005-3318.
33 CVE-2005-2927 Exec Code Overflow 2005-10-25 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.
34 CVE-2005-2926 Exec Code Overflow 2005-10-25 2019-10-09
4.6
None Local Low Not required Partial Partial Partial
Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.
35 CVE-2005-2804 DoS Overflow 2005-10-04 2017-07-11
5.0
None Remote Low Not required None None Partial
Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key.
36 CVE-2005-2758 Exec Code Overflow 2005-10-05 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
37 CVE-2005-2747 Exec Code Overflow 2005-10-25 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by applications such as WebCore and Safari, allows remote attackers to execute arbitrary code via a crafted GIF file.
38 CVE-2005-2744 Exec Code Overflow 2005-10-25 2017-07-11
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file.
39 CVE-2005-2469 Exec Code Overflow 2005-10-20 2017-07-11
4.6
None Local Low Not required Partial Partial Partial
Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C and possibly earlier versions allows local users to execute arbitrary code via a long user name in the USER command.
40 CVE-2005-2122 Exec Code Overflow 2005-10-21 2019-04-30
10.0
None Remote Low Not required Complete Complete Complete
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118.
41 CVE-2005-2120 Exec Code Overflow 2005-10-13 2018-10-12
6.5
None Remote Low ??? Partial Partial Partial
Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.
42 CVE-2005-2118 Exec Code Overflow 2005-10-21 2019-04-30
5.1
None Remote High Not required Partial Partial Partial
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122.
43 CVE-2005-1987 120 Exec Code Overflow 2005-10-13 2020-04-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
Total number of vulnerabilities : 43   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.