CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In 2005 (Overflow) (CVSS score >= 7)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 | CVE-2005-4873 | 119 | | Exec Code Overflow | 2005-12-31 | 2017-08-08 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23rc1 might allow context-dependent attackers to execute arbitrary code via vectors that result in long function parameters, as demonstrated by the cups_get_dest_options function in phpcups.c.
2 | CVE-2005-4867 | 119 | | Exec Code Overflow | 2005-12-31 | 2017-07-29 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete
Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter.
3 | CVE-2005-4865 | 119 | | Exec Code Overflow | 2005-12-31 | 2017-07-29 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete
Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.
4 | CVE-2005-4864 | 119 | | Exec Code Overflow | 2005-12-31 | 2017-07-29 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete
Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable.
5 | CVE-2005-4863 | 119 | | Exec Code Overflow | 2005-12-31 | 2017-07-29 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete
Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter.
6 | CVE-2005-4848 | 119 | | Exec Code Overflow | 2005-12-31 | 2017-07-29 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets.
7 | CVE-2005-4823 | | | Exec Code Overflow | 2005-12-31 | 2011-03-08 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete
Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP Web-enabled Management Software allows remote attackers to execute arbitrary code via unknown vectors.
8 | CVE-2005-4816 | | | DoS Exec Code Overflow | 2005-12-31 | 2008-09-05 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
9 | CVE-2005-4808 | | | Overflow | 2005-12-31 | 2020-04-01 | 7.6 | None | Remote | High | Not required | Complete | Complete | Complete
Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file.
10 | CVE-2005-4807 | 119 | | Exec Code Overflow | 2005-12-31 | 2020-04-01 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.
11 | CVE-2005-4776 | | | DoS Overflow +Priv | 2005-12-31 | 2008-09-05 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete
Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges.
12 | CVE-2005-4746 | | | DoS Overflow | 2005-12-31 | 2010-04-02 | 7.8 | None | Remote | Low | Not required | None | None | Complete
Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t".
13 | CVE-2005-4604 | | | Exec Code Overflow | 2005-12-31 | 2009-11-12 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete
Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable.
14 | CVE-2005-4594 | | | Exec Code Overflow | 2005-12-31 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Stack-based buffer overflow in TUGZip 3.4.0.0 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive.
15 | CVE-2005-4592 | | | DoS Exec Code Overflow | 2005-12-31 | 2017-07-20 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via words that are longer than the input buffer used by flex.
16 | CVE-2005-4591 | | | DoS Exec Code Overflow | 2005-12-31 | 2018-10-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "invalid input sequences" that lead to heap corruption when bogofilter or bogolexer converts character sets.
17 | CVE-2005-4569 | | | Exec Code Overflow | 2005-12-29 | 2011-03-08 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Stack-based buffer overflow in index.fts in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allows remote attackers to execute arbitrary code via a long tzoffset value.
18 | CVE-2005-4566 | | | Overflow | 2005-12-29 | 2011-03-08 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to have an unknown impact via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
19 | CVE-2005-4553 | | | Exec Code Overflow | 2005-12-28 | 2017-07-20 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long APPE command. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
20 | CVE-2005-4472 | | | DoS Exec Code Overflow | 2005-12-22 | 2011-03-08 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request that is not properly handled during conversion to wide characters.
21 | CVE-2005-4470 | | | DoS Exec Code Overflow | 2005-12-22 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow.
22 | CVE-2005-4466 | | | DoS Exec Code Overflow | 2005-12-22 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters.
23 | CVE-2005-4459 | 119 | | Exec Code Overflow | 2005-12-21 | 2018-10-30 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
24 | CVE-2005-4456 | | | DoS Exec Code Overflow | 2005-12-21 | 2008-09-05 | 7.8 | None | Remote | Low | Not required | None | None | Complete
Multiple buffer overflows in MailEnable Professional 1.71 and Enterprise 1.1 before patch ME-10009 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) LIST, (2) LSUB, and (3) UID FETCH commands. NOTE: it is possible that these are alternate vectors for the issue described in CVE-2005-4402.
25 | CVE-2005-4439 | | | DoS Exec Code Overflow | 2005-12-21 | 2017-07-20 | 7.8 | None | Remote | Low | Not required | None | None | Complete
Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a URL with a long (1) cmd or (2) mode parameter.
26 | CVE-2005-4438 | | | Exec Code Overflow | 2005-12-21 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in the Symantec Antivirus Library and used by various Symantec products, allows remote attackers to execute arbitrary code via RAR archives with sub-block headers that contain incorrect values in the length field.
27 | CVE-2005-4411 | | | Exec Code Overflow | 2005-12-20 | 2017-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105.
28 | CVE-2005-4272 | | | Exec Code Overflow | 2005-12-15 | 2018-10-19 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete
Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
29 | CVE-2005-4271 | | | Exec Code Overflow | 2005-12-15 | 2018-10-19 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete
Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code.
30 | CVE-2005-4270 | | | Exec Code Overflow | 2005-12-15 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Buffer overflow in Watchfire AppScan QA 5.0.609 and 5.0.134 allows remote web servers to execute arbitrary code via an HTTP 401 response with a WWW-Authenticate header containing a long Realm field.
31 | CVE-2005-4267 | 119 | | Exec Code Overflow | 2005-12-21 | 2011-03-07 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
32 | CVE-2005-4220 | 119 | | DoS Overflow | 2005-12-14 | 2018-10-19 | 7.8 | None | Remote | Low | Not required | None | None | Complete
Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap.
33 | CVE-2005-4153 | | | DoS Overflow | 2005-12-11 | 2017-10-11 | 7.8 | None | Remote | Low | Not required | None | None | Complete
Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial of service via a message that causes the server to "fail with an Overflow on bad date data in a processed message," a different vulnerability than CVE-2005-3573.
34 | CVE-2005-4092 | 119 | | DoS Exec Code Overflow | 2005-12-08 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement.
35 | CVE-2005-4085 | | | Exec Code Overflow | 2005-12-31 | 2011-03-08 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.
36 | CVE-2005-4050 | | | Exec Code Overflow | 2005-12-07 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08 allows remote attackers to execute arbitrary code via a long INVITE field in a Session Initiation Protocol (SIP) packet.
37 | CVE-2005-4048 | 119 | | Exec Code Overflow | 2005-12-07 | 2018-10-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
38 | CVE-2005-3992 | | | Exec Code Overflow | 2005-12-04 | 2008-09-05 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Multiple buffer overflows in WinEggDropShell remote access trojan (RAT) 1.7 allow remote attackers to execute arbitrary code via (1) a long GET request to the HTTP server, or a long (2) USER or (3) PASS command to the FTP server.
39 | CVE-2005-3964 | | | Exec Code Overflow | 2005-12-02 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c.
40 | CVE-2005-3934 | | | DoS Overflow | 2005-12-01 | 2017-07-20 | 7.8 | None | Remote | Low | Not required | None | None | Complete
Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors.
41 | CVE-2005-3922 | | | Exec Code Overflow | 2005-11-30 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
42 | CVE-2005-3891 | | | DoS Overflow | 2005-11-29 | 2017-07-20 | 7.8 | None | Remote | Low | Not required | None | None | Complete
Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer.
43 | CVE-2005-3863 | 119 | | Exec Code Overflow | 2005-11-29 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro.
44 | CVE-2005-3862 | | | Exec Code Overflow | 2005-11-29 | 2017-07-11 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file names in ALZ archives.
45 | CVE-2005-3780 | | | Exec Code Overflow | 2005-11-23 | 2011-03-08 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Multiple buffer overflows in IPUpdate 1.1 might allow attackers to execute arbitrary code via (1) memmcat in the memm module or (2) certain TSIG format records.
46 | CVE-2005-3768 | | | DoS Exec Code Overflow | 2005-11-23 | 2011-03-08 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
47 | CVE-2005-3760 | 119 | | DoS Overflow | 2005-11-22 | 2011-03-08 | 7.8 | None | Remote | Low | Not required | None | None | Complete
Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allows attackers to cause a denial of service (ABEND).
48 | CVE-2005-3713 | 119 | | Exec Code Overflow | 2005-12-31 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block.
49 | CVE-2005-3711 | 189 | | Exec Code Overflow | 2005-12-31 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified (1) "strips" (StripByteCounts) or (2) "bands" (StripOffsets) values.
50 | CVE-2005-3710 | 189 | | Exec Code Overflow | 2005-12-31 | 2018-10-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags.
Total number of vulnerabilities: 475. Page 1 of 10.