Total
11612 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3712 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | 6.5 MEDIUM | N/A |
| Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes. | |||||
| CVE-2005-3662 | 1 Greg Roelofs | 1 Pnmtopng | 2024-11-21 | 4.6 MEDIUM | N/A |
| Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors. | |||||
| CVE-2005-3658 | 1 Emc | 1 Legato Networker | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe). | |||||
| CVE-2005-3653 | 2 Broadcom, Ca | 34 Brightstor Arcserve Backup, Brightstor Arcserve Backup Laptops Desktops, Brightstor Portal and 31 more | 2024-11-21 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. | |||||
| CVE-2005-3640 | 1 Floosietek | 1 Ftgate | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command. | |||||
| CVE-2005-3627 | 1 Xpdf | 1 Xpdf | 2024-11-21 | 7.5 HIGH | N/A |
| Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo. | |||||
| CVE-2005-3534 | 1 Wouter Verhelst | 1 Nbd | 2024-11-21 | 7.5 HIGH | N/A |
| Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header. | |||||
| CVE-2005-3485 | 1 Glider | 1 Collectn Kill | 2024-11-21 | 7.5 HIGH | N/A |
| Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attackers to execute arbitrary code via a gl_playerEnter command with a long player name. | |||||
| CVE-2005-3483 | 2 Graphon, Microsoft | 2 Go-global, Windows | 2024-11-21 | 7.5 HIGH | N/A |
| Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute arbitrary code via a data block that is longer than the specified data block size. | |||||
| CVE-2005-3354 | 1 Sylpheed | 1 Sylpheed | 2024-11-21 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines. | |||||
| CVE-2005-3317 | 1 Zipgenius | 1 Zipgenius | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041, and other versions before 6.0.2.1050, allow remote attackers to execute arbitrary code via (1) a ZIP archive that contains a file with a long filename, which is not properly handled by (a) zipgenius.exe, (b) zg.exe, (c) zgtips.dll, and (d) contmenu.dll; (2) a long original name in a (a) UUE, (b) XXE, or (c) MIM file, which is not properly handled by zipgenius.exe; or (3) an ACE archive with a file with a long filename, which is not properly handled by unacev2.dll. | |||||
| CVE-2005-3314 | 1 Novell | 1 Netmail | 2024-11-21 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments." | |||||
| CVE-2005-3269 | 1 Sun | 4 Java System Directory Proxy Server, Java System Directory Server, One Administration Server and 1 more | 2024-11-21 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges. | |||||
| CVE-2005-3265 | 1 Skype Technologies | 1 Skype | 2024-11-21 | 9.3 HIGH | N/A |
| Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine. | |||||
| CVE-2005-3193 | 1 Xpdf | 1 Xpdf | 2024-11-21 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated. | |||||
| CVE-2005-3192 | 1 Xpdf | 1 Xpdf | 2024-11-21 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field. | |||||
| CVE-2005-3191 | 1 Xpdf | 1 Xpdf | 2024-11-21 | 5.1 MEDIUM | N/A |
| Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index. | |||||
| CVE-2005-3185 | 3 Curl, Libcurl, Wget | 3 Curl, Libcurl, Wget | 2024-11-21 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username. | |||||
| CVE-2005-3065 | 1 Multitheftauto | 1 Multitheftauto | 2024-11-21 | 5.0 MEDIUM | N/A |
| MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted command 40 that causes a -1 length to be used and triggers an out-of-bounds read. | |||||
| CVE-2005-3051 | 1 Igor Pavlov | 1 7-zip | 2024-11-21 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the ARJ plugin (arj.dll) 3.9.2.0 for 7-Zip 3.13, 4.23, and 4.26 BETA, as used in products including Turbo Searcher, allows remote attackers to execute arbitrary code via a large ARJ block. | |||||