CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2005(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2005-4268 119 DoS Exec Code Overflow 2005-12-15 2018-10-03
3.7
None Local High Not required Partial Partial Partial
Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.
52 CVE-2005-4267 119 Exec Code Overflow 2005-12-21 2011-03-07
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
53 CVE-2005-4220 119 DoS Overflow 2005-12-14 2018-10-19
7.8
None Remote Low Not required None None Complete
Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap.
54 CVE-2005-4194 DoS Overflow 2005-12-13 2011-03-08
5.0
None Remote Low Not required None None Partial
Buffer overflow in MediaServerList.exe in Sights 'n Sounds Streaming Media Server 2.0.3.a allows remote attackers to cause a denial of service (application crash) via a long query string.
55 CVE-2005-4178 Exec Code Overflow 2005-12-12 2018-10-30
6.5
None Remote Low ??? Partial Partial Partial
Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.
56 CVE-2005-4153 DoS Overflow 2005-12-11 2017-10-11
7.8
None Remote Low Not required None None Complete
Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial of service via a message that causes the server to "fail with an Overflow on bad date data in a processed message," a different vulnerability than CVE-2005-3573.
57 CVE-2005-4134 DoS Overflow 2005-12-09 2018-10-19
5.0
None Remote Low Not required None None Partial
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.
58 CVE-2005-4092 119 DoS Exec Code Overflow 2005-12-08 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement.
59 CVE-2005-4085 Exec Code Overflow 2005-12-31 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.
60 CVE-2005-4077 189 DoS Overflow Bypass 2005-12-08 2018-10-19
4.6
None Local Low Not required Partial Partial Partial
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?" separator in the hostname portion, which causes a "/" to be prepended to the resulting string.
61 CVE-2005-4076 Exec Code Overflow 2005-12-08 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in Appfluent Technology Database IDS 2.0 allows local users to execute arbitrary code via a long APPFLUENT_HOME environment variable.
62 CVE-2005-4050 Exec Code Overflow 2005-12-07 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08 allows remote attackers to execute arbitrary code via a long INVITE field in a Session Initiation Protocol (SIP) packet.
63 CVE-2005-4048 119 Exec Code Overflow 2005-12-07 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
64 CVE-2005-3992 Exec Code Overflow 2005-12-04 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in WinEggDropShell remote access trojan (RAT) 1.7 allow remote attackers to execute arbitrary code via (1) a long GET request to the HTTP server, or a long (2) USER or (3) PASS command to the FTP server.
65 CVE-2005-3964 Exec Code Overflow 2005-12-02 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c.
66 CVE-2005-3962 189 Exec Code Overflow 2005-12-01 2018-10-19
4.6
None Local Low Not required Partial Partial Partial
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
67 CVE-2005-3934 DoS Overflow 2005-12-01 2017-07-20
7.8
None Remote Low Not required None None Complete
Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors.
68 CVE-2005-3928 Exec Code Overflow 2005-11-30 2018-10-19
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument.
69 CVE-2005-3922 Exec Code Overflow 2005-11-30 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
70 CVE-2005-3903 Exec Code Overflow 2005-12-14 2017-07-20
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063.
71 CVE-2005-3891 DoS Overflow 2005-11-29 2017-07-20
7.8
None Remote Low Not required None None Complete
Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer.
72 CVE-2005-3863 119 Exec Code Overflow 2005-11-29 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro.
73 CVE-2005-3862 Exec Code Overflow 2005-11-29 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file names in ALZ archives.
74 CVE-2005-3832 119 Exec Code Overflow 2005-11-26 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in (1) CxUux60.dll and (2) CxUux60u.dll, as used in SpeedProject products including (a) Squeez 5.0 Build 4285, and (b) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.
75 CVE-2005-3831 119 Exec Code Overflow 2005-11-26 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject products including (a) ZipStar 5.0 Build 4285, (b) Squeez 5.0 Build 4285, and (c) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.
76 CVE-2005-3808 DoS Overflow 2005-11-25 2018-10-03
4.9
None Local Low Not required None None Complete
Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system.
77 CVE-2005-3780 Exec Code Overflow 2005-11-23 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in IPUpdate 1.1 might allow attackers to execute arbitrary code via (1) memmcat in the memm module or (2) certain TSIG format records.
78 CVE-2005-3768 DoS Exec Code Overflow 2005-11-23 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
79 CVE-2005-3760 119 DoS Overflow 2005-11-22 2011-03-08
7.8
None Remote Low Not required None None Complete
Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allows attackers to cause a denial of service (ABEND).
80 CVE-2005-3737 Exec Code Overflow 2005-11-22 2011-03-08
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values.
81 CVE-2005-3713 119 Exec Code Overflow 2005-12-31 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block.
82 CVE-2005-3712 119 Exec Code Overflow 2005-12-31 2017-07-11
6.5
None Remote Low ??? Partial Partial Partial
Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes.
83 CVE-2005-3711 189 Exec Code Overflow 2005-12-31 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified (1) "strips" (StripByteCounts) or (2) "bands" (StripOffsets) values.
84 CVE-2005-3710 189 Exec Code Overflow 2005-12-31 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags.
85 CVE-2005-3708 Exec Code Overflow 2005-12-31 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.
86 CVE-2005-3707 Exec Code Overflow 2005-12-31 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.
87 CVE-2005-3706 Exec Code Overflow 2005-12-31 2017-07-11
6.4
None Remote Low Not required None Partial Partial
Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory.
88 CVE-2005-3705 Exec Code Overflow 2005-12-01 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors.
89 CVE-2005-3690 Exec Code Overflow 2005-11-19 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands.
90 CVE-2005-3684 DoS Exec Code Overflow 2005-11-19 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands.
91 CVE-2005-3683 DoS Exec Code Overflow 2005-11-19 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.
92 CVE-2005-3677 Exec Code Overflow 2005-11-18 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. NOTE: due to the lack of details, it is unclear how this is different than CVE-2005-2629 and CVE-2005-2630, but the vendor advisory implies that it is different.
93 CVE-2005-3668 DoS Overflow 2005-11-18 2008-09-05
5.0
None Remote Low Not required None None Partial
Multiple buffer overflows in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable.
94 CVE-2005-3664 Exec Code Overflow 2005-11-18 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.
95 CVE-2005-3662 119 DoS Exec Code Overflow 2005-11-18 2018-10-03
4.6
None Local Low Not required Partial Partial Partial
Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.
96 CVE-2005-3658 119 DoS Exec Code Overflow 2005-12-31 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).
97 CVE-2005-3655 Exec Code Overflow 2005-12-31 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter.
98 CVE-2005-3653 119 Exec Code Overflow 2005-12-31 2021-04-14
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
99 CVE-2005-3652 Exec Code Overflow 2005-12-16 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 and earlier allows remote attackers to execute arbitrary code via a long name value in an Application Set response.
100 CVE-2005-3651 Exec Code Overflow 2005-12-10 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
Total number of vulnerabilities : 657   Page : 1 2 (This Page)3 4 5 6 7 8 9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.