CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2005(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
251 CVE-2005-2373 Exec Code Overflow 2005-07-26 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.
252 CVE-2005-2365 DoS Overflow 2005-08-10 2017-10-11
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial of service (memory consumption) via unknown attack vectors.
253 CVE-2005-2346 Exec Code Overflow 2005-08-03 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section.
254 CVE-2005-2344 119 DoS Overflow 2005-12-31 2017-07-11
5.0
None Remote Low Not required None Partial None
The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow.
255 CVE-2005-2341 119 DoS Overflow 2005-12-31 2011-10-17
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.
256 CVE-2005-2340 119 Exec Code Overflow 2005-12-31 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field.
257 CVE-2005-2335 119 DoS Exec Code Overflow 2005-07-27 2018-10-19
5.0
None Remote Low Not required None None Partial
Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifier for the Fetchmail issue. This is the correct identifier.
258 CVE-2005-2315 Exec Code Overflow 2005-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to execute arbitrary code via a large number of large DNS packets with the Z and QR flags cleared.
259 CVE-2005-2310 119 Exec Code Overflow 2005-07-19 2011-03-08
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE.
260 CVE-2005-2305 DoS Exec Code Overflow 2005-07-19 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
DG Remote Control Server 1.6.2 allows remote attackers to cause a denial of service (crash or CPU consumption) and possibly execute arbitrary code via a long message to TCP port 1071 or 1073, possibly due to a buffer overflow.
261 CVE-2005-2297 Exec Code Overflow 2005-07-19 2016-10-18
4.6
None Local Low Not required Partial Partial Partial
Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter.
262 CVE-2005-2287 DoS Overflow 2005-07-18 2016-10-18
5.0
None Remote Low Not required None None Partial
SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a denial of service (application crash) via a large TCP packet with a leading space, possibly triggering a buffer overflow.
263 CVE-2005-2278 Exec Code Overflow 2005-07-18 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
264 CVE-2005-2250 Exec Code Overflow 2005-07-13 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share.
265 CVE-2005-2244 Exec Code Overflow 2005-07-12 2017-07-11
5.0
None Remote Low Not required None Partial None
The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer overflow.
266 CVE-2005-2235 Exec Code Overflow 2005-07-12 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
267 CVE-2005-2234 Exec Code Overflow 2005-07-12 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
268 CVE-2005-2233 Exec Code Overflow 2005-07-12 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare.
269 CVE-2005-2232 Exec Code Overflow 2005-07-12 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument.
270 CVE-2005-2213 Exec Code Overflow 2005-07-11 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the mms_interp_header function in mms.c in MMS Ripper before 0.6.4 might allow remote attackers to execute arbitrary code via a file with more than 20 streams.
271 CVE-2005-2210 Exec Code Overflow 2005-07-11 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in Internet Download Manager 4.05 allows remote attackers to execute arbitrary code via a long URL.
272 CVE-2005-2141 DoS Overflow 2005-07-05 2008-09-05
5.0
None Remote Low Not required None None Partial
TCP Chat 1.0 allows remote attackers to cause a denial of service (crash) via a long string to the chat service, possibly triggering a buffer overflow.
273 CVE-2005-2127 119 DoS Exec Code Overflow Mem. Corr. 2005-08-19 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability."
274 CVE-2005-2124 Exec Code Overflow 2005-11-29 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability."
275 CVE-2005-2123 Exec Code Overflow 2005-11-29 2018-10-12
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord.
276 CVE-2005-2122 Exec Code Overflow 2005-10-21 2019-04-30
10.0
None Remote Low Not required Complete Complete Complete
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118.
277 CVE-2005-2120 Exec Code Overflow 2005-10-13 2018-10-12
6.5
None Remote Low ??? Partial Partial Partial
Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.
278 CVE-2005-2118 Exec Code Overflow 2005-10-21 2019-04-30
5.1
None Remote High Not required Partial Partial Partial
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122.
279 CVE-2005-2103 DoS Exec Code Overflow 2005-08-16 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
280 CVE-2005-2096 DoS Overflow 2005-07-06 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
281 CVE-2005-2085 DoS Overflow 2005-07-05 2016-10-18
5.0
None Remote Low Not required None None Partial
Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP FROM field or possibly (2) FTP NLST command.
282 CVE-2005-2081 Exec Code Overflow 2005-07-05 2017-07-11
5.0
None Remote Low Not required None Partial None
Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character.
283 CVE-2005-2079 Exec Code Overflow 2005-08-02 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 for Windows Servers allows remote attackers to execute arbitrary code.
284 CVE-2005-2052 Exec Code Overflow 2005-06-28 2016-10-18
5.1
None Remote High Not required Partial Partial Partial
Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value.
285 CVE-2005-2051 Exec Code Overflow 2005-06-28 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code.
286 CVE-2005-2041 Exec Code Overflow 2005-06-15 2017-07-11
5.0
None Remote Low Not required None Partial None
Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID cookie (HTTP_COOKIE).
287 CVE-2005-2040 Exec Code Overflow 2005-06-20 2008-09-05
5.0
None Remote Low Not required None Partial None
Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469.
288 CVE-2005-1987 120 Exec Code Overflow 2005-10-13 2020-04-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
289 CVE-2005-1984 Exec Code Overflow 2005-08-10 2018-10-12
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message.
290 CVE-2005-1983 Exec Code Overflow +Priv 2005-08-10 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
291 CVE-2005-1953 Exec Code Overflow 2005-06-11 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers to execute arbitrary code via a long HTTP request.
292 CVE-2005-1935 Exec Code Overflow 2005-06-13 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue.
293 CVE-2005-1929 119 Exec Code Overflow 2005-12-14 2011-03-07
7.5
None Remote Low Not required Partial Partial Partial
Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product.
294 CVE-2005-1903 Exec Code Overflow 2005-06-02 2017-07-11
2.1
None Local Low Not required None None Partial
Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE command.
295 CVE-2005-1873 Exec Code Overflow 2005-06-09 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command with a long string or (2) a globbing ("*") character followed by a long string.
296 CVE-2005-1872 Exec Code Overflow 2005-06-03 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code.
297 CVE-2005-1852 189 DoS Exec Code Overflow 2005-07-26 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
298 CVE-2005-1847 Exec Code Overflow 2005-01-20 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in YaMT before 0.5_2 allow attackers to execute arbitrary code via the (1) rename or (2) sort options.
299 CVE-2005-1826 Exec Code Overflow 2005-05-03 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a long file extension.
300 CVE-2005-1825 Exec Code Overflow 2005-05-03 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process.
Total number of vulnerabilities : 657   Page : 1 2 3 4 5 6 (This Page)7 8 9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.