CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2005(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2005-3182 Exec Code Overflow 2005-10-20 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.
152 CVE-2005-3178 Exec Code Overflow 2005-10-07 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.
153 CVE-2005-3172 Overflow 2005-10-06 2008-09-05
5.0
None Remote Low Not required None None Partial
The WideCharToMultiByte function in Microsoft Windows 2000 before Update Rollup 1 for SP4 does not properly convert strings with Japanese composite characters in the last character, which could prevent the string from being null terminated and lead to data corruption or enable buffer overflow attacks.
154 CVE-2005-3155 Exec Code Overflow 2005-10-05 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.
155 CVE-2005-3151 Exec Code Overflow 2005-10-05 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument.
156 CVE-2005-3142 Exec Code Overflow 2005-10-05 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.
157 CVE-2005-3135 Exec Code Overflow 2005-10-04 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename.
158 CVE-2005-3120 Exec Code Overflow 2005-10-17 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
159 CVE-2005-3116 Exec Code Overflow 2005-11-18 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet.
160 CVE-2005-3114 DoS Exec Code Overflow 2005-09-30 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long third argument to the GotNate.Excute method.
161 CVE-2005-3092 Exec Code Overflow 2005-09-28 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Image-Line Software FL Studio 5.0.1 allows remote attackers to execute arbitrary code via a .flp file that contains a long path to a (1) .mid or (2) .wav file.
162 CVE-2005-3084 DoS Overflow 2005-09-27 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote attackers to cause a denial of service via a crafted TIFF image.
163 CVE-2005-3065 119 DoS Overflow 2005-09-27 2016-05-27
5.0
None Remote Low Not required None None Partial
MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted command 40 that causes a -1 length to be used and triggers an out-of-bounds read.
164 CVE-2005-3061 Exec Code Overflow 2005-09-27 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in PowerArchiver 8.10 through 9.5 Beta 4 and Beta 5 allow remote attackers to execute arbitrary code via a long filename in a (1) ACE or (2) ARJ archive.
165 CVE-2005-3060 Exec Code Overflow 2005-09-30 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.
166 CVE-2005-3051 119 Exec Code Overflow 2005-09-24 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the ARJ plugin (arj.dll) 3.9.2.0 for 7-Zip 3.13, 4.23, and 4.26 BETA, as used in products including Turbo Searcher, allows remote attackers to execute arbitrary code via a large ARJ block.
167 CVE-2005-3033 DoS Exec Code Overflow 2005-09-22 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.
168 CVE-2005-3032 DoS Exec Code Overflow 2005-09-22 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TFTP request with a long filename argument.
169 CVE-2005-3031 Exec Code Overflow 2005-09-22 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in vxFtpSrv 0.9.7 allows remote attackers to execute arbitrary code via a long USER name.
170 CVE-2005-3029 Exec Code Overflow 2005-09-21 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to execute arbitrary code via a long filname in an ACE archive.
171 CVE-2005-3013 Exec Code Overflow 2005-09-21 2017-07-11
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry.
172 CVE-2005-2996 Exec Code Overflow 2005-09-20 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls.
173 CVE-2005-2976 189 DoS Exec Code Overflow 2005-11-18 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
174 CVE-2005-2972 119 Exec Code Overflow 2005-10-23 2018-10-03
5.1
None Remote High Not required Partial Partial Partial
Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the (1) ParseLevelText, (2) getCharsInsideBrace, (3) HandleLists, (4) or (5) HandleAbiLists functions in ie_imp_RTF.cpp, a different vulnerability than CVE-2005-2964.
175 CVE-2005-2971 Exec Code Overflow 2005-10-20 2018-10-03
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
176 CVE-2005-2964 Exec Code Overflow 2005-09-28 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism.
177 CVE-2005-2961 Exec Code Overflow 2005-10-05 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag.
178 CVE-2005-2957 Exec Code Overflow 2005-09-16 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename in an ACE archive.
179 CVE-2005-2947 Exec Code Overflow 2005-09-16 2017-07-11
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in KillProcess 2.20 and earlier allows user-assisted attackers to execute arbitrary code via an exe file with a long FileDescription in the version resource.
180 CVE-2005-2943 Exec Code Overflow 2005-10-13 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option.
181 CVE-2005-2933 Exec Code Overflow 2005-10-13 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.
182 CVE-2005-2930 119 Exec Code Overflow 2005-10-28 2011-08-02
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_lib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via a CHM file containing a long element, a different vulnerability than CVE-2005-3318.
183 CVE-2005-2927 Exec Code Overflow 2005-10-25 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.
184 CVE-2005-2926 Exec Code Overflow 2005-10-25 2019-10-09
4.6
None Local Low Not required Partial Partial Partial
Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.
185 CVE-2005-2922 119 DoS Exec Code Overflow 2005-12-31 2017-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header.
186 CVE-2005-2920 Exec Code Overflow 2005-09-20 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable.
187 CVE-2005-2903 Exec Code Overflow 2005-09-14 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
188 CVE-2005-2871 DoS Exec Code Overflow 2005-09-09 2018-05-03
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.
189 CVE-2005-2856 119 Exec Code Overflow 2005-09-08 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.
190 CVE-2005-2850 DoS Overflow 2005-09-08 2008-09-05
5.0
None Remote Low Not required None None Partial
SlimFTPd 3.17 allows remote attackers to cause a denial of service (crash) via certain (1) USER and (2) PASS commands, possibly due to a buffer overflow or off-by-one error.
191 CVE-2005-2844 DoS Exec Code Overflow 2005-09-08 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in MMClient.exe in Indiatimes Messenger 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long group name argument to the RenameGroup function in the MMClient.MunduMessenger.1 ActiveX object.
192 CVE-2005-2842 Exec Code Overflow 2005-09-08 2017-09-16
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4.9.0 allows remote attackers to execute arbitrary code via the username.
193 CVE-2005-2841 DoS Exec Code Overflow 2005-09-08 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.
194 CVE-2005-2810 Overflow +Priv 2005-09-07 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in urban before 1.5.3 allow local users to gain privileges via a long HOME environment variable to (1) config.cc, (2) game.cc, (3) highscor.cc, or (4) meny.cc.
195 CVE-2005-2804 DoS Overflow 2005-10-04 2017-07-11
5.0
None Remote Low Not required None None Partial
Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key.
196 CVE-2005-2799 Exec Code Overflow 2005-09-15 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.
197 CVE-2005-2772 Exec Code Overflow 2005-09-02 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.
198 CVE-2005-2768 Exec Code Overflow 2005-09-02 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length.
199 CVE-2005-2767 Exec Code Overflow 2005-09-02 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in LeapFTP allows remote attackers to execute arbitrary code via a long Host string in a Site Queue (.lsq) file.
200 CVE-2005-2764 DoS Exec Code Overflow 2005-09-21 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Total number of vulnerabilities : 657   Page : 1 2 3 4 (This Page)5 6 7 8 9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.