CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2005(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2005-3114 DoS Exec Code Overflow 2005-09-30 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long third argument to the GotNate.Excute method.
2 CVE-2005-3092 Exec Code Overflow 2005-09-28 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Image-Line Software FL Studio 5.0.1 allows remote attackers to execute arbitrary code via a .flp file that contains a long path to a (1) .mid or (2) .wav file.
3 CVE-2005-3084 DoS Overflow 2005-09-27 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote attackers to cause a denial of service via a crafted TIFF image.
4 CVE-2005-3065 119 DoS Overflow 2005-09-27 2016-05-27
5.0
None Remote Low Not required None None Partial
MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted command 40 that causes a -1 length to be used and triggers an out-of-bounds read.
5 CVE-2005-3061 Exec Code Overflow 2005-09-27 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in PowerArchiver 8.10 through 9.5 Beta 4 and Beta 5 allow remote attackers to execute arbitrary code via a long filename in a (1) ACE or (2) ARJ archive.
6 CVE-2005-3060 Exec Code Overflow 2005-09-30 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.
7 CVE-2005-3051 119 Exec Code Overflow 2005-09-24 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the ARJ plugin (arj.dll) 3.9.2.0 for 7-Zip 3.13, 4.23, and 4.26 BETA, as used in products including Turbo Searcher, allows remote attackers to execute arbitrary code via a large ARJ block.
8 CVE-2005-3033 DoS Exec Code Overflow 2005-09-22 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.
9 CVE-2005-3032 DoS Exec Code Overflow 2005-09-22 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TFTP request with a long filename argument.
10 CVE-2005-3031 Exec Code Overflow 2005-09-22 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in vxFtpSrv 0.9.7 allows remote attackers to execute arbitrary code via a long USER name.
11 CVE-2005-3029 Exec Code Overflow 2005-09-21 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to execute arbitrary code via a long filname in an ACE archive.
12 CVE-2005-3013 Exec Code Overflow 2005-09-21 2017-07-11
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry.
13 CVE-2005-2996 Exec Code Overflow 2005-09-20 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls.
14 CVE-2005-2964 Exec Code Overflow 2005-09-28 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism.
15 CVE-2005-2957 Exec Code Overflow 2005-09-16 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename in an ACE archive.
16 CVE-2005-2947 Exec Code Overflow 2005-09-16 2017-07-11
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in KillProcess 2.20 and earlier allows user-assisted attackers to execute arbitrary code via an exe file with a long FileDescription in the version resource.
17 CVE-2005-2920 Exec Code Overflow 2005-09-20 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable.
18 CVE-2005-2903 Exec Code Overflow 2005-09-14 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
19 CVE-2005-2871 DoS Exec Code Overflow 2005-09-09 2018-05-03
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.
20 CVE-2005-2856 119 Exec Code Overflow 2005-09-08 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.
21 CVE-2005-2850 DoS Overflow 2005-09-08 2008-09-05
5.0
None Remote Low Not required None None Partial
SlimFTPd 3.17 allows remote attackers to cause a denial of service (crash) via certain (1) USER and (2) PASS commands, possibly due to a buffer overflow or off-by-one error.
22 CVE-2005-2844 DoS Exec Code Overflow 2005-09-08 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in MMClient.exe in Indiatimes Messenger 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long group name argument to the RenameGroup function in the MMClient.MunduMessenger.1 ActiveX object.
23 CVE-2005-2842 Exec Code Overflow 2005-09-08 2017-09-16
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4.9.0 allows remote attackers to execute arbitrary code via the username.
24 CVE-2005-2841 DoS Exec Code Overflow 2005-09-08 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.
25 CVE-2005-2810 Overflow +Priv 2005-09-07 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in urban before 1.5.3 allow local users to gain privileges via a long HOME environment variable to (1) config.cc, (2) game.cc, (3) highscor.cc, or (4) meny.cc.
26 CVE-2005-2799 Exec Code Overflow 2005-09-15 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.
27 CVE-2005-2772 Exec Code Overflow 2005-09-02 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.
28 CVE-2005-2768 Exec Code Overflow 2005-09-02 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length.
29 CVE-2005-2767 Exec Code Overflow 2005-09-02 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in LeapFTP allows remote attackers to execute arbitrary code via a long Host string in a Site Queue (.lsq) file.
30 CVE-2005-2764 DoS Exec Code Overflow 2005-09-21 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
31 CVE-2005-2705 Exec Code Overflow 2005-09-23 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.
32 CVE-2005-2701 Exec Code Overflow 2005-09-23 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.
33 CVE-2005-2658 Exec Code Overflow 2005-09-15 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month.
34 CVE-2005-2495 189 Exec Code Overflow 2005-09-15 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
35 CVE-2005-2490 Exec Code Overflow 2005-09-14 2018-10-19
4.6
None Local Low Not required Partial Partial Partial
Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.
Total number of vulnerabilities : 35   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.