CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2005(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
451 CVE-2005-0581 Exec Code Overflow 2005-05-02 2021-04-09
4.6
None Local Low Not required Partial Partial Partial
Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.
452 CVE-2005-0575 2 DoS Exec Code Overflow 2005-05-02 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request.
453 CVE-2005-0566 Exec Code Overflow 2005-01-22 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command.
454 CVE-2005-0564 Exec Code Overflow 2005-07-12 2018-10-12
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font information.
455 CVE-2005-0560 787 Exec Code Overflow 2005-05-02 2020-04-09
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.
456 CVE-2005-0558 Exec Code Overflow 2005-05-02 2018-10-12
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document.
457 CVE-2005-0555 Exec Code Overflow Mem. Corr. 2005-04-12 2021-07-23
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the Content Advisor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a crafted Content Advisor file, aka "Content Advisor Memory Corruption Vulnerability."
458 CVE-2005-0554 DoS Exec Code Overflow Mem. Corr. 2005-05-02 2021-07-23
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."
459 CVE-2005-0551 Overflow +Priv 2005-05-02 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.
460 CVE-2005-0550 DoS Overflow 2005-05-02 2018-10-12
2.1
None Local Low Not required None None Partial
Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability".
461 CVE-2005-0546 Exec Code Overflow 2005-05-02 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
462 CVE-2005-0533 Exec Code Overflow 2005-05-02 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
463 CVE-2005-0532 Overflow 2005-05-02 2016-10-18
2.1
None Local Low Not required None None Partial
The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies between size_t and int data types.
464 CVE-2005-0531 Overflow 2005-05-02 2017-10-11
2.1
None Local Low Not required None Partial None
The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.
465 CVE-2005-0529 Overflow 2005-05-02 2017-10-11
2.1
None Local Low Not required Partial None None
Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context.
466 CVE-2005-0504 119 Exec Code Overflow 2005-03-14 2017-10-11
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
467 CVE-2005-0501 Exec Code Overflow 2005-05-02 2017-07-12
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Bontago 1.1 and earlier allows remote attackers to execute arbitrary code via a long nickname.
468 CVE-2005-0491 Exec Code Overflow 2005-05-02 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request.
469 CVE-2005-0490 Exec Code Overflow 2005-05-02 2017-10-11
5.1
None Remote High Not required Partial Partial Partial
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication.
470 CVE-2005-0478 DoS Exec Code Overflow 2005-03-30 2017-07-11
5.0
None Remote Low Not required None None Partial
Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP script.
471 CVE-2005-0470 DoS Overflow 2005-03-14 2017-07-11
5.0
None Remote Low Not required None None Partial
Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data.
472 CVE-2005-0469 Exec Code Overflow 2005-05-02 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
473 CVE-2005-0468 Exec Code Overflow 2005-05-02 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.
474 CVE-2005-0467 Exec Code Overflow 2005-02-21 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.
475 CVE-2005-0455 Exec Code Overflow 2005-05-02 2017-10-11
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value.
476 CVE-2005-0439 Exec Code Overflow 2005-05-02 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names.
477 CVE-2005-0430 DoS Overflow 2005-02-12 2016-10-18
5.0
None Remote Low Not required None None Partial
The Quake 3 engine, as used in multiple game packages, allows remote attackers to cause a denial of service (shutdown game server) and possibly crash the server via a long infostring, possibly triggering a buffer overflow.
478 CVE-2005-0419 Exec Code Overflow 2005-04-27 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple heap-based buffer overflows in 3Com 3CServer allow remote authenticated users to execute arbitrary code via long FTP commands, as demonstrated using the STAT command.
479 CVE-2005-0416 Exec Code Overflow 2005-04-27 2019-04-30
7.5
None Remote Low Not required Partial Partial Partial
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
480 CVE-2005-0399 Exec Code Overflow 2005-05-02 2018-05-03
5.1
None Remote High Not required Partial Partial Partial
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
481 CVE-2005-0390 Exec Code Overflow 2005-05-02 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote attackers to execute arbitrary code.
482 CVE-2005-0385 Exec Code Overflow 2005-05-02 2018-08-13
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument.
483 CVE-2005-0353 Exec Code Overflow 2005-05-02 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093.
484 CVE-2005-0351 119 Exec Code Overflow 2005-04-07 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.
485 CVE-2005-0350 Exec Code Overflow 2005-05-02 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive.
486 CVE-2005-0347 Exec Code Overflow 2005-05-02 2017-07-11
5.1
None Remote High Not required Partial Partial Partial
Integer overflow in RealArcade 1.2.0.994 and earlier allows remote attackers to execute arbitrary code via an RGS file with an invalid size string for the GUID and game name, which leads to a buffer overflow.
487 CVE-2005-0339 DoS Exec Code Overflow 2005-05-02 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in Foxmail 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long MAIL FROM command.
488 CVE-2005-0338 Exec Code Overflow 2005-05-02 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request.
489 CVE-2005-0330 DoS Exec Code Overflow 2005-05-02 2017-07-11
2.1
None Local Low Not required None None Partial
Buffer overflow in Painkiller 1.35 and earlier, and possibly other versions before 1.61, allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a long cd-key hash.
490 CVE-2005-0308 Exec Code Overflow 2005-01-24 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier allows remote attackers to execute arbitrary code via a large import or export function name.
491 CVE-2005-0277 DoS Exec Code Overflow 2005-05-02 2017-07-11
5.0
None Remote Low Not required None None Partial
Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via (1) a long username in the USER command or (2) an FTP command that contains a long argument, such as cd, send, or ls.
492 CVE-2005-0263 Exec Code Overflow 2005-05-02 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.
493 CVE-2005-0262 Exec Code Overflow 2005-05-02 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.
494 CVE-2005-0260 Exec Code Overflow 2005-05-02 2021-04-07
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled in a recvfrom call.
495 CVE-2005-0256 119 DoS Overflow 2005-05-02 2017-10-11
5.0
None Remote Low Not required None None Partial
The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
496 CVE-2005-0249 Exec Code Overflow 2005-02-08 2019-09-20
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
497 CVE-2005-0247 119 Exec Code Overflow 2005-05-02 2017-10-11
6.5
None Remote Low ??? Partial Partial Partial
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245.
498 CVE-2005-0245 Exec Code Overflow 2005-02-01 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.
499 CVE-2005-0211 119 DoS Exec Code Overflow 2005-05-02 2018-10-12
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.
500 CVE-2005-0206 Overflow 2005-04-27 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
Total number of vulnerabilities : 657   Page : 1 2 3 4 5 6 7 8 9 10 (This Page)11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.