CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2005(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2005-3928 Exec Code Overflow 2005-11-30 2018-10-19
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument.
2 CVE-2005-3922 Exec Code Overflow 2005-11-30 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
3 CVE-2005-3891 DoS Overflow 2005-11-29 2017-07-20
7.8
None Remote Low Not required None None Complete
Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer.
4 CVE-2005-3863 119 Exec Code Overflow 2005-11-29 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro.
5 CVE-2005-3862 Exec Code Overflow 2005-11-29 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file names in ALZ archives.
6 CVE-2005-3832 119 Exec Code Overflow 2005-11-26 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in (1) CxUux60.dll and (2) CxUux60u.dll, as used in SpeedProject products including (a) Squeez 5.0 Build 4285, and (b) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.
7 CVE-2005-3831 119 Exec Code Overflow 2005-11-26 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject products including (a) ZipStar 5.0 Build 4285, (b) Squeez 5.0 Build 4285, and (c) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.
8 CVE-2005-3808 DoS Overflow 2005-11-25 2018-10-03
4.9
None Local Low Not required None None Complete
Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system.
9 CVE-2005-3780 Exec Code Overflow 2005-11-23 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in IPUpdate 1.1 might allow attackers to execute arbitrary code via (1) memmcat in the memm module or (2) certain TSIG format records.
10 CVE-2005-3768 DoS Exec Code Overflow 2005-11-23 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
11 CVE-2005-3760 119 DoS Overflow 2005-11-22 2011-03-08
7.8
None Remote Low Not required None None Complete
Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allows attackers to cause a denial of service (ABEND).
12 CVE-2005-3737 Exec Code Overflow 2005-11-22 2011-03-08
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values.
13 CVE-2005-3690 Exec Code Overflow 2005-11-19 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands.
14 CVE-2005-3684 DoS Exec Code Overflow 2005-11-19 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands.
15 CVE-2005-3683 DoS Exec Code Overflow 2005-11-19 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.
16 CVE-2005-3677 Exec Code Overflow 2005-11-18 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. NOTE: due to the lack of details, it is unclear how this is different than CVE-2005-2629 and CVE-2005-2630, but the vendor advisory implies that it is different.
17 CVE-2005-3668 DoS Overflow 2005-11-18 2008-09-05
5.0
None Remote Low Not required None None Partial
Multiple buffer overflows in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable.
18 CVE-2005-3664 Exec Code Overflow 2005-11-18 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.
19 CVE-2005-3662 119 DoS Exec Code Overflow 2005-11-18 2018-10-03
4.6
None Local Low Not required Partial Partial Partial
Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.
20 CVE-2005-3640 119 Exec Code Overflow 2005-11-16 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command.
21 CVE-2005-3632 Exec Code Overflow 2005-11-21 2018-10-03
4.6
None Local Low Not required Partial Partial Partial
Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file.
22 CVE-2005-3589 DoS Overflow 2005-11-16 2018-10-19
7.8
None Remote Low Not required None None Complete
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command.
23 CVE-2005-3566 Exec Code Overflow 2005-11-16 2017-07-11
4.3
None Local Low ??? Partial Partial Partial
Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.
24 CVE-2005-3524 Exec Code Overflow 2005-11-07 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers to execute arbitrary code by creating a long directory name, then executing the XPWD command.
25 CVE-2005-3504 Exec Code Overflow 2005-11-05 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute arbitrary code.
26 CVE-2005-3491 Exec Code Overflow 2005-11-04 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remote attackers to execute arbitrary code via the (1) version, (2) name, and (3) model fields.
27 CVE-2005-3489 Exec Code Overflow 2005-11-04 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string.
28 CVE-2005-3487 Exec Code Overflow 2005-11-03 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, (4) a long command that is not properly handled in ComsMessageHandler.cpp when generating an error message, (5) a long UniqueID value in Logger.cpp, and possibly other unspecified vectors.
29 CVE-2005-3485 119 Exec Code Overflow 2005-11-03 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attackers to execute arbitrary code via a gl_playerEnter command with a long player name.
30 CVE-2005-3483 119 Exec Code Overflow 2005-11-03 2019-03-25
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute arbitrary code via a data block that is longer than the specified data block size.
31 CVE-2005-3481 Exec Code Overflow 2005-11-03 2017-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities that might exist. Such design-level weaknesses normally are not included in CVE, so perhaps this issue should be REJECTed.
32 CVE-2005-3438 Overflow 2005-11-02 2012-10-23
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Materialized Views; (5) DB13 in Objects Extension; (6) DB15 in Oracle Label Security; (7) DB27 in Security, possibly due to a buffer overflow in sys.pbsde.init; and (8) DB28 and (9) DB29 in Workspace Manager.
33 CVE-2005-3433 Exec Code Overflow 2005-11-02 2016-10-18
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by convincing a user to enter long strings into the First Name and Last Name fields.
34 CVE-2005-3396 Exec Code Overflow 2005-11-01 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.
35 CVE-2005-3354 119 Exec Code Overflow 2005-11-20 2017-07-11
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.
36 CVE-2005-3346 Overflow 2005-11-20 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LD_PRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv function call.
37 CVE-2005-3314 119 Exec Code Overflow 2005-11-18 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."
38 CVE-2005-3186 Exec Code Overflow 2005-11-18 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.
39 CVE-2005-3116 Exec Code Overflow 2005-11-18 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet.
40 CVE-2005-2976 189 DoS Exec Code Overflow 2005-11-18 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
41 CVE-2005-2756 Exec Code Overflow 2005-11-05 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion.
42 CVE-2005-2754 189 Exec Code Overflow 2005-11-05 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes."
43 CVE-2005-2753 189 Exec Code Overflow 2005-11-05 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string.
44 CVE-2005-2659 Overflow 2005-11-16 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the LZX decompression in CHM Lib (chmlib) 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors.
45 CVE-2005-2630 Exec Code Overflow 2005-11-18 2017-07-11
5.1
None Remote High Not required Partial Partial Partial
Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094.
46 CVE-2005-2629 Exec Code Overflow 2005-11-18 2018-05-03
5.1
None Remote High Not required Partial Partial Partial
Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481.
47 CVE-2005-2124 Exec Code Overflow 2005-11-29 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability."
48 CVE-2005-2123 Exec Code Overflow 2005-11-29 2018-10-12
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord.
Total number of vulnerabilities : 48   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.