CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In April 2005(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2005-1275 DoS Overflow 2005-04-25 2017-10-11
5.0
None Remote Low Not required None None Partial
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
2 CVE-2005-1274 Exec Code Overflow 2005-04-26 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
3 CVE-2005-1142 Exec Code Overflow 2005-04-15 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0.40, when it is not using netpbm, allows remote attackers to execute arbitrary code via a P3 format PNM file with more data than implied by its width and height values.
4 CVE-2005-1141 Exec Code Overflow 2005-04-15 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, which leads to a heap-based buffer overflow.
5 CVE-2005-1099 Exec Code Overflow 2005-04-12 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
6 CVE-2005-1035 Overflow 2005-04-05 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack vectors and impact.
7 CVE-2005-0755 Exec Code Overflow 2005-04-19 2017-11-21
5.1
None Remote High Not required Partial Partial Partial
Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file.
8 CVE-2005-0753 Exec Code Overflow 2005-04-18 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
9 CVE-2005-0684 Exec Code Overflow 2005-04-25 2011-03-08
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
10 CVE-2005-0555 Exec Code Overflow Mem. Corr. 2005-04-12 2021-07-23
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the Content Advisor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a crafted Content Advisor file, aka "Content Advisor Memory Corruption Vulnerability."
11 CVE-2005-0419 Exec Code Overflow 2005-04-27 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple heap-based buffer overflows in 3Com 3CServer allow remote authenticated users to execute arbitrary code via long FTP commands, as demonstrated using the STAT command.
12 CVE-2005-0416 Exec Code Overflow 2005-04-27 2019-04-30
7.5
None Remote Low Not required Partial Partial Partial
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
13 CVE-2005-0351 119 Exec Code Overflow 2005-04-07 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.
14 CVE-2005-0206 Overflow 2005-04-27 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
15 CVE-2005-0124 DoS Exec Code Overflow 2005-04-14 2018-10-19
2.1
None Local Low Not required None None Partial
The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow.
16 CVE-2005-0020 Exec Code Overflow 2005-04-14 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.
17 CVE-2005-0016 Exec Code Overflow 2005-04-14 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the exported_display function in xatitv in gatos before 0.0.5 allows local users to execute arbitrary code.
18 CVE-2004-1005 Overflow 2005-04-14 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
Total number of vulnerabilities : 18   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.