Filtered by CWE-20
Total 11841 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-2923 1 Ipswitch 2 Imail Server, Ipswitch Collaboration Suite 2024-11-21 N/A
The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to cause a denial of service (crash) via a long argument to the LIST command, which causes IMail Server to reference invalid memory.
CVE-2005-2806 1 Trevor Hogan 1 Bnbt 2024-11-21 N/A
client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier allows remote attackers to cause a denial of service (application hang) via an HTTP header containing only a ":" (colon), possibly leading to an integer signedness error due to a missing field name or value.
CVE-2005-2405 1 Opera 1 Opera Browser 2024-11-20 N/A
Opera 8.01, when the "Arial Unicode MS" font (ARIALUNI.TTF) is installed, does not properly handle extended ASCII characters in the file download dialog box, which allows remote attackers to spoof file extensions and possibly trick users into executing arbitrary code.
CVE-2005-2177 2 Net-snmp, Redhat 2 Net-snmp, Enterprise Linux 2024-11-20 N/A
Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.
CVE-2005-1795 1 Clam Anti-virus 1 Clamav 2024-11-20 N/A
The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked.
CVE-2005-1787 1 Phpstat 1 Phpstat 2024-11-20 N/A
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.
CVE-2005-1761 3 Novell, Redhat, Suse 4 Linux Desktop, Open Enterprise Server, Enterprise Linux and 1 more 2024-11-20 N/A
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
CVE-2005-1682 1 Solstice 1 Solstice Internet Mail Server 2024-11-20 N/A
JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does not properly validate the message number in the MimeMessage constructor in javax.mail.internet.InternetHeaders, which allows remote authenticated users to read other users' e-mail messages by modifying the msgno parameter. NOTE: Sun disputes this issue, stating "The report makes references to source code and files that do not exist in the mentioned products.
CVE-2005-1628 1 Web-app.org 1 Webapp 2024-11-20 N/A
apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
CVE-2005-1398 1 Phpcart 1 Phpcart 2024-11-20 N/A
phpcart.php in PHPCart 3.2 allows remote attackers to change product price information by modifying the (1) price or (2) postage parameters. NOTE: it was later reported that 3.4 through 4.6.4 are also affected.
CVE-2005-1330 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-20 N/A
AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
CVE-2005-0904 1 Microsoft 1 Windows Xp 2024-11-20 N/A
Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system" setting, which allows remote attackers to shut down the system by executing TSShutdn.exe.
CVE-2005-0850 1 Filezilla-project 1 Filezilla Server 2024-11-20 N/A
FileZilla FTP server before 0.9.6 allows remote attackers to cause a denial of service via a request for a filename containing an MS-DOS device name such as CON, NUL, COM1, LPT1, and others.
CVE-2005-0492 1 Adobe 1 Acrobat Reader 2024-11-20 N/A
Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node.
CVE-2005-0449 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-20 N/A
The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.
CVE-2005-0209 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-20 N/A
Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments.
CVE-2005-0200 1 Tiki 1 Tikiwiki Cms\/groupware 2024-11-20 N/A
TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2004-1386.
CVE-2005-0116 1 Awstats 1 Awstats 2024-11-20 N/A
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.
CVE-2005-0050 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Nt 2024-11-20 N/A
The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability."
CVE-2004-2771 4 Bsd Mailx Project, Heirloom, Oracle and 1 more 4 Bsd Mailx, Mailx, Linux and 1 more 2024-11-20 N/A
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.