CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2005(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2005-3640 119 Exec Code Overflow 2005-11-16 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command.
102 CVE-2005-3632 Exec Code Overflow 2005-11-21 2018-10-03
4.6
None Local Low Not required Partial Partial Partial
Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file.
103 CVE-2005-3628 Exec Code Overflow 2005-12-31 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
104 CVE-2005-3627 119 Exec Code Overflow 2005-12-31 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.
105 CVE-2005-3624 189 Overflow 2005-12-31 2018-10-19
5.0
None Remote Low Not required None Partial None
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
106 CVE-2005-3589 DoS Overflow 2005-11-16 2018-10-19
7.8
None Remote Low Not required None None Complete
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command.
107 CVE-2005-3566 Exec Code Overflow 2005-11-16 2017-07-11
4.3
None Local Low ??? Partial Partial Partial
Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.
108 CVE-2005-3540 Exec Code Overflow 2005-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in petris before 1.0.1 allows remote attackers to execute arbitrary code via unspecified attack vectors.
109 CVE-2005-3535 Exec Code Overflow 2005-12-27 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors.
110 CVE-2005-3534 119 Exec Code Overflow 2005-12-22 2018-10-03
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.
111 CVE-2005-3533 Exec Code Overflow 2005-12-11 2011-03-08
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename.
112 CVE-2005-3526 Exec Code Overflow 2005-12-31 2018-10-19
6.5
None Remote Low ??? Partial Partial Partial
Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote authenticated users to execute arbitrary code via a long FETCH command.
113 CVE-2005-3525 Exec Code Overflow 2005-12-31 2018-10-19
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier allows remote attackers to execute arbitrary code via crafted large values for unspecified parameters.
114 CVE-2005-3524 Exec Code Overflow 2005-11-07 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers to execute arbitrary code by creating a long directory name, then executing the XPWD command.
115 CVE-2005-3504 Exec Code Overflow 2005-11-05 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute arbitrary code.
116 CVE-2005-3491 Exec Code Overflow 2005-11-04 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remote attackers to execute arbitrary code via the (1) version, (2) name, and (3) model fields.
117 CVE-2005-3489 Exec Code Overflow 2005-11-04 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string.
118 CVE-2005-3487 Exec Code Overflow 2005-11-03 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, (4) a long command that is not properly handled in ComsMessageHandler.cpp when generating an error message, (5) a long UniqueID value in Logger.cpp, and possibly other unspecified vectors.
119 CVE-2005-3485 119 Exec Code Overflow 2005-11-03 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attackers to execute arbitrary code via a gl_playerEnter command with a long player name.
120 CVE-2005-3483 119 Exec Code Overflow 2005-11-03 2019-03-25
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute arbitrary code via a data block that is longer than the specified data block size.
121 CVE-2005-3481 Exec Code Overflow 2005-11-03 2017-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities that might exist. Such design-level weaknesses normally are not included in CVE, so perhaps this issue should be REJECTed.
122 CVE-2005-3438 Overflow 2005-11-02 2012-10-23
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Materialized Views; (5) DB13 in Objects Extension; (6) DB15 in Oracle Label Security; (7) DB27 in Security, possibly due to a buffer overflow in sys.pbsde.init; and (8) DB28 and (9) DB29 in Workspace Manager.
123 CVE-2005-3433 Exec Code Overflow 2005-11-02 2016-10-18
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by convincing a user to enter long strings into the First Name and Last Name fields.
124 CVE-2005-3396 Exec Code Overflow 2005-11-01 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.
125 CVE-2005-3354 119 Exec Code Overflow 2005-11-20 2017-07-11
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.
126 CVE-2005-3346 Overflow 2005-11-20 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LD_PRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv function call.
127 CVE-2005-3318 Exec Code Overflow 2005-10-27 2017-07-19
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in the _chm_decompress_block function in CHM lib (chmlib) before 0.37, as used in products such as KchmViewer, allows attackers to execute arbitrary code, a different vulnerability than CVE-2005-2930.
128 CVE-2005-3317 119 Exec Code Overflow 2005-10-27 2009-03-25
7.5
None Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041, and other versions before 6.0.2.1050, allow remote attackers to execute arbitrary code via (1) a ZIP archive that contains a file with a long filename, which is not properly handled by (a) zipgenius.exe, (b) zg.exe, (c) zgtips.dll, and (d) contmenu.dll; (2) a long original name in a (a) UUE, (b) XXE, or (c) MIM file, which is not properly handled by zipgenius.exe; or (3) an ACE archive with a file with a long filename, which is not properly handled by unacev2.dll.
129 CVE-2005-3314 119 Exec Code Overflow 2005-11-18 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."
130 CVE-2005-3298 Exec Code Overflow 2005-10-23 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.
131 CVE-2005-3297 Exec Code Overflow 2005-10-23 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.
132 CVE-2005-3284 Exec Code Overflow 2005-10-23 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and MyV3, with compressed file scanning enabled, allow remote attackers to execute arbitrary code via crafted (1) ALZ, (2) UUE, or (3) XXE archives.
133 CVE-2005-3279 Overflow +Priv 2005-10-23 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the vgasco_printf function in Jan Kybic BitMap Viewer (BMV) 1.2, when compiled with the M_UNIX flag and running setuid, allows local users to gain privileges via a long filename in the -b command line option.
134 CVE-2005-3278 Exec Code Overflow 2005-10-23 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Integer overflow in the openpsfile function in gsinterf.c for Jan Kybic BitMap Viewer (BMV) 1.2 allows local users to execute arbitrary code via a PostScript (PS) file containing a large number of pages value, which leads to a resultant buffer overflow.
135 CVE-2005-3269 119 DoS Overflow +Priv 2005-10-20 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.
136 CVE-2005-3267 189 DoS Overflow 2005-10-27 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter value, which leads to a resultant heap-based buffer overflow.
137 CVE-2005-3265 119 Exec Code Overflow 2005-10-27 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine.
138 CVE-2005-3263 Exec Code Overflow 2005-10-20 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name.
139 CVE-2005-3252 Exec Code Overflow 2005-10-18 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
140 CVE-2005-3243 Exec Code Overflow 2005-10-27 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
141 CVE-2005-3197 Exec Code Overflow 2005-10-14 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list.
142 CVE-2005-3194 Exec Code Overflow 2005-10-14 2017-07-11
5.1
None Remote High Not required Partial Partial Partial
Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive.
143 CVE-2005-3193 119 DoS Exec Code Overflow Mem. Corr. 2005-12-07 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.
144 CVE-2005-3192 119 Exec Code Overflow 2005-12-08 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
145 CVE-2005-3191 119 DoS Exec Code Overflow 2005-12-07 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.
146 CVE-2005-3190 Exec Code Overflow 2005-10-13 2021-04-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.
147 CVE-2005-3188 Exec Code Overflow 2005-12-31 2017-07-11
7.6
None Remote High Not required Complete Complete Complete
Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via (1) an m3u file containing a long line ending in .wma or (2) a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-2006-0476.
148 CVE-2005-3186 Exec Code Overflow 2005-11-18 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.
149 CVE-2005-3185 119 Exec Code Overflow 2005-10-13 2018-10-03
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.
150 CVE-2005-3184 Exec Code Overflow 2005-10-20 2017-10-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
Total number of vulnerabilities : 657   Page : 1 2 3 (This Page)4 5 6 7 8 9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.