CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1101 CVE-2005-4176 2005-12-11 2018-10-19
2.1
None Local Low Not required Partial None None
AWARD Bios Modular 4.50pg does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory.
1102 CVE-2005-4273 2005-12-15 2018-10-19
2.1
None Local Low Not required None Partial None
Multiple unspecified vulnerabilities in (1) getShell and (2) getCommand in IBM AIX 5.3 allow local users to append to arbitrary files.
1103 CVE-2005-4344 2005-12-19 2011-03-08
2.1
None Local Low Not required None Partial None
Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.
1104 CVE-2005-4352 Bypass 2005-12-31 2018-10-19
2.1
None Local Low Not required None Partial None
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap."
1105 CVE-2005-4357 XSS 2005-12-20 2018-10-19
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when "Allowed HTML tags" is enabled, allows remote attackers to inject arbitrary Javascript via a permitted HTML tag with " (quote) characters and active attributes such as onmouseover.
1106 CVE-2005-4412 2005-12-20 2008-09-05
2.1
None Local Low Not required Partial None None
Citrix Program Neighborhood client before 9.150 caches the user password in plaintext in the GUI while asterisks are used to visually obfuscate the password, which allows attackers with access to the session to obtain the password by using a tool to directly access the field.
1107 CVE-2005-4494 XSS 2005-12-22 2011-03-08
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) spip_login.php3 and (2) spip_pass.php3.
1108 CVE-2005-4536 2005-12-31 2017-07-20
2.1
None Local Low Not required None Partial None
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
1109 CVE-2005-4589 2005-12-30 2018-10-19
2.1
None Local Low Not required Partial None None
Spb Kiosk Engine 1.0.0.1 stores the administrator's passcode in the registry in plaintext, which allows local users to obtain the passcode.
1110 CVE-2005-4605 2005-12-31 2018-10-19
2.1
None Local Low Not required Partial None None
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.
1111 CVE-2005-4659 +Priv 2005-12-31 2017-07-20
2.1
None Local Low Not required Partial None None
IPCop (aka IPCop Firewall) before 1.4.10 has world-readable permissions for the backup.key file, which might allow local users to overwrite system configuration files and gain privileges by creating a malicious encrypted backup archive owned by "nobody", then executing ipcoprscfg to restore from this backup.
1112 CVE-2005-4683 2005-12-31 2017-07-20
2.1
None Local Low Not required Partial None None
PADL MigrationTools 46, when a failure occurs, stores contents of /etc/shadow in a world-readable /tmp/nis.$$.ldif file, and possibly other sensitive information in other temporary files, which are not properly managed by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migrate_all_netinfo_online.sh, (4) migrate_all_netinfo_offline.sh, (5) migrate_all_nis_online.sh, (6) migrate_all_nis_offline.sh, (7) migrate_all_nisplus_online.sh, and (8) migrate_all_nisplus_offline.sh.
1113 CVE-2005-4690 2005-12-31 2008-09-05
2.1
None Local Low Not required None Partial None
Six Apart Movable Type 3.16 allows local users with blog-creation privileges to create or overwrite arbitrary files of certain types (such as HTML and image files) by selecting an arbitrary directory as a blog's top-level directory. NOTE: this issue can be used in conjunction with CVE-2005-3102 to create or overwrite arbitrary files of all types.
1114 CVE-2005-4691 2005-12-31 2008-09-05
2.1
None Local Low Not required None Partial None
imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page.
1115 CVE-2005-4696 2005-12-31 2017-10-05
2.1
None Local Low Not required Partial None None
The Microsoft Wireless Zero Configuration system (WZCS) stores WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network.
1116 CVE-2005-4697 2005-12-31 2017-07-20
2.1
None Local Low Not required Partial None None
The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll.
1117 CVE-2005-4701 +Info 2005-12-31 2011-03-08
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in Process File System (procfs) in Sun Solaris 10 allows local users to obtain sensitive information such as process working directories via unknown attack vectors, possibly pwdx.
1118 CVE-2005-4706 DoS 2005-12-31 2011-03-08
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the secpolicy_fs_common function.
1119 CVE-2005-4755 2005-12-31 2018-09-27
2.1
None Local Low Not required Partial None None
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) stores the private key passphrase (CustomTrustKeyStorePassPhrase) in cleartext in nodemanager.config; or, during domain creation with the Configuration Wizard, renders an SSL private key passphrase in cleartext (2) on a terminal or (3) in a log file, which might allow local users to obtain cryptographic keys.
1120 CVE-2005-4778 2005-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified "configuration problem," which allows local users to suspend the computer and possibly perform certain other unauthorized actions.
1121 CVE-2005-4783 2005-12-31 2008-09-05
2.1
None Local Low Not required Partial None None
kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.
1122 CVE-2005-4788 Bypass 2005-12-31 2008-09-05
2.1
None Local Low Not required Partial None None
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices."
1123 CVE-2005-4789 Bypass 2005-12-31 2008-09-05
2.1
None Local Low Not required Partial None None
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level.
1124 CVE-2005-4791 Exec Code 2005-12-31 2018-10-30
2.1
None Local Low Not required None Partial None
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
1125 CVE-2005-4868 200 DoS +Info 2005-12-31 2017-08-17
2.1
None Local Low Not required Partial None None
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service.
1126 CVE-2005-4869 DoS 2005-12-31 2017-07-29
2.1
None Local Low Not required None None Partial
The (1) to_char and (2) to_date function in IBM DB2 8.1 allows local users to cause a denial of service (application crash) via an empty string in the second parameter, which causes a null pointer dereference.
1127 CVE-2006-0053 399 DoS 2006-04-10 2017-07-20
2.6
None Remote High Not required None None Partial
Imager (libimager-perl) before 0.50 allows user-assisted attackers to cause a denial of service (segmentation fault) by writing a 2- or 4-channel JPEG image (or a 2-channel TGA image) to a scalar, which triggers a NULL pointer dereference.
1128 CVE-2006-0055 2006-01-11 2017-07-20
2.1
None Local Low Not required None Partial None
The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.
1129 CVE-2006-0077 Overflow 2006-01-04 2011-03-08
2.1
None Local Low Not required None None Partial
Off-by-one error in the getfattr function in File::ExtAttr before 0.03 allows attackers to trigger a buffer overflow via unspecified attack vectors.
1130 CVE-2006-0095 +Info 2006-01-06 2018-10-19
2.1
None Local Low Not required Partial None None
dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.
1131 CVE-2006-0208 79 XSS 2006-01-13 2018-10-30
2.6
None Remote High Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.
1132 CVE-2006-0227 2006-01-17 2018-10-30
2.6
None Local High Not required None Partial Partial
Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors.
1133 CVE-2006-0229 +Priv 2006-01-17 2018-10-19
2.1
None Local Low Not required None Partial None
Unquoted Windows search path vulnerability in Wehntrust might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when Wehntrust creates the autostart key.
1134 CVE-2006-0363 2006-01-22 2018-10-19
2.1
None Local Low Not required Partial None None
The "Remember my Password" feature in MSN Messenger 7.5 stores passwords in an encrypted format under the HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Creds registry key, which might allow local users to obtain the original passwords via a program that calls CryptUnprotectData, as demonstrated by the "MSN Password Recovery.exe" program. NOTE: it could be argued that local-only password recovery is inherently insecure because the decryption methods and keys must be stored somewhere on the local system, and are thus inherently accessible with varying degrees of effort. Perhaps this issue should not be included in CVE.
1135 CVE-2006-0369 200 +Info 2006-01-22 2019-12-17
2.1
None Local Low Not required Partial None None
** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views;" query, which returns the query that created the VIEW. NOTE: this issue has been disputed by third parties, saying that the availability of the schema is a normal and sometimes desired aspect of database access.
1136 CVE-2006-0379 2006-01-25 2017-07-20
2.1
None Local Low Not required Partial None None
FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory.
1137 CVE-2006-0380 2006-01-25 2017-07-20
2.1
None Local Low Not required Partial None None
A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory.
1138 CVE-2006-0382 DoS 2006-02-14 2017-07-20
2.1
None Local Low Not required None None Partial
Apple Mac OS X 10.4.5 and allows local users to cause a denial of service (crash) via an undocumented system call.
1139 CVE-2006-0388 94 2006-03-03 2017-07-20
2.6
None Local High Not required None Partial Partial
Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources.
1140 CVE-2006-0389 XSS 2006-03-03 2017-07-20
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds.
1141 CVE-2006-0427 2006-01-25 2017-07-20
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or servlet applications to decrypt system passwords, possibly by accessing functionality that should have been restricted.
1142 CVE-2006-0429 2006-01-25 2017-07-20
2.1
None Local Low Not required None Partial None
BEA WebLogic Server and WebLogic Express 9.0 causes new security providers to appear active even if they have not been activated by a server reboot, which could cause an administrator to perform inappropriate, security-relevant actions.
1143 CVE-2006-0431 2006-01-25 2017-07-20
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 SP5 allows untrusted applications to obtain the server's SSL identity via unknown attack vectors.
1144 CVE-2006-0432 2006-01-25 2017-07-20
2.1
None Local Low Not required None Partial None
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to be created, which prevents the server from properly protecting JNDI resources.
1145 CVE-2006-0456 DoS 2006-06-27 2017-10-11
2.1
None Local Low Not required None None Partial
The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors.
1146 CVE-2006-0482 DoS 2006-01-31 2017-07-20
2.1
None Local Low Not required None None Partial
Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call.
1147 CVE-2006-0488 +Info 2006-02-01 2018-10-19
2.1
None Local Low Not required Partial None None
The VDM (Virtual DOS Machine) emulation environment for MS-DOS applications in Windows 2000, Windows XP SP2, and Windows Server 2003 allows local users to read the first megabyte of memory and possibly obtain sensitive information, as demonstrated by dumper.asm.
1148 CVE-2006-0512 2006-02-02 2016-12-08
2.1
None Local Low Not required None Partial None
PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migrate_all_netinfo_online.sh, (4) migrate_all_netinfo_offline.sh, (5) migrate_all_nis_online.sh, (6) migrate_all_nis_offline.sh, (7) migrate_all_nisplus_online.sh, and (8) migrate_all_nisplus_offline.sh.
1149 CVE-2006-0516 DoS 2006-02-02 2017-10-11
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64-bit mode, allows local users to cause a denial of service (system panic) via unknown attack vectors.
1150 CVE-2006-0538 DoS 2006-02-04 2018-10-19
2.6
None Remote High Not required None None Partial
CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.