Vulnerability Index: Year 2004

Privilege Escalation Vulnerability in Linux Kernel's eflags Checking on AMD64 Systems
TCP MSS Vulnerability: Resource Exhaustion via Low MTU or Small TCP Payloads
Privilege Escalation Vulnerability in Linux Kernel (pre-2.4.22) via R128 DRI Limits Checking
Inadequate Certificate Chain Verification in OpenCA 0.9.1.6 and Earlier
Multiple Buffer Overflows in Gaim 0.75: Remote Code Execution and Denial of Service Vulnerabilities
Multiple Buffer Overflow Vulnerabilities in Gaim and Ultramagnetic
Buffer Overflow Vulnerability in Gaim and Ultramagnetic Protocol Handlers
Heap-based Buffer Overflow in Gaim and Ultramagnetic DirectIM Packet Handling
Apache-SSL Remote Client Certificate Forgery Vulnerability
Local Privilege Escalation via Stack-based Buffer Overflow in ncp_lookup function
Remote Code Execution Vulnerability in fsp before 2.81.b18 due to Buffer Overflow
SSL Connection Denial of Service Vulnerability in Jabber 1.4.2 and Earlier Versions
Buffer Overflow Vulnerabilities in nd WebDAV Interface 0.8.2 and Earlier
Privilege Escalation in vbox3 0.1.8 and Earlier
Unrestricted File Upload Vulnerability in phpgroupware 0.9.14 Calendar Module
SQL Injection Vulnerabilities in phpgroupware 0.9.14 Calendar and Infolog Modules
Arbitrary Command Execution Vulnerability in Jitterbug 1.6.2
World-writable permissions on Lotus Notes Domino 6.0.2 notes.ini file on Linux allows local privilege escalation
PHPGEDVIEW 2.61 Multiple Remote File Inclusion Vulnerabilities
Remote Code Execution and Password Reset Vulnerability in PHPGEDVIEW 2.61
Arbitrary HTML and Web Script Injection in PHPGEDVIEW 2.61 via firstname Parameter
Sensitive Information Disclosure in PHPGEDVIEW 2.61 via admin.php Action Parameter
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Phorum 3.4.5 and Earlier
SQL Injection Vulnerability in Phorum 3.4.5 and Earlier: Remote Code Execution via hide_email Parameter
SQL Injection Vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4
Arbitrary Command Execution via Hyperlinks in FirstClass Desktop Client 7.1
Arbitrary Command Execution Vulnerability in McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3
Format String Vulnerabilities in Check Point Firewall-1 NG-AI R55 and R54
Stack-based Buffer Overflow in Check Point VPN-1 Server and SecuRemote/SecureClient
Bypassing Access Restrictions in mod_auth_shadow Module
vsftpd 1.1.3 Username Enumeration Vulnerability
Buffer Overflow Vulnerability in Yahoo Instant Messenger 5.6.0.1351 and Earlier
Authentication Bypass Vulnerability in Cisco Personal Assistant 1.4(1) and 1.4(2)
Buffer Overflow in ARTpost Function in INN 2.4.0 Control Message Handling Code Allows Remote Code Execution
SnapStream PVS LITE Cross-Site Scripting (XSS) Vulnerability
Privilege Escalation Vulnerability in trr19 1.0
Denial of Service Vulnerability in Helix Universal Server/Proxy 9 and Mobile Server 10
Path Disclosure Vulnerability in Verity Ultraseek before 5.2.2
Bypassing Content Restrictions via Non-Standard Content-Transfer-Encoding Values
MIME Message Separator Bypass Vulnerability
Bypassing Content Restrictions via MIME Messages with RFC2047 Encoding
H.323 Protocol Implementation Vulnerabilities in Cisco IOS 11.3T through 12.2T
Denial of Service Vulnerability in tcpdump 3.8.1 and Earlier
Multiple Remote Code Execution and Denial of Service Vulnerabilities in Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway via H.323 Protocol Implementation
Denial of Service Vulnerability in tcpdump's ISAKMP Decoding Routines
Symlink Attack Vulnerability in Antivir / Linux 2.0.9-9
Directory Traversal Vulnerability in WWW File Share Pro 2.42 and Earlier
Denial of Service Vulnerability in WWW File Share Pro 2.42 and Earlier
Directory Access Bypass in WWW File Share Pro 2.42 and Earlier
Vulnerability: Integer Overflow in FishCart's Rounding Function Allows Negative Totals
Insecure Verification of PVV in nCipher payShield SPP Library
Symlink Attack Vulnerability in SuSEconfig.gnome-filesystem Script
SQL Injection Vulnerabilities in phpGedView before 2.65: Remote Code Execution
Path Disclosure Vulnerability in phpGedView before 2.65
Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpGedView before 2.65
Remote File Inclusion Vulnerability in PhpDig 1.6.5 and Earlier: Arbitrary PHP Code Execution
Format String Vulnerability in HD Soft Windows FTP Server 1.6 and Earlier
Remote File Inclusion Vulnerability in ezContents' module.php Allows Arbitrary PHP Code Execution
Arbitrary File Read Vulnerability in PHP Man Page Lookup 1.2.0
Accipiter Direct Server 6.0 Directory Traversal Vulnerability
Remote File Inclusion Vulnerability in EasyDynamicPages 2.0 Allows Arbitrary PHP Code Execution
Multiple Buffer Overflows in xsok 1.02: Privilege Escalation via LANG and -xsokdir Arguments
Vicam USB Driver in Linux Prior to 2.4.25 Denial of Service Vulnerability
Privilege Escalation via do_mremap Vulnerability
Buffer Overflow Vulnerability in Mutt 1.4.1 and Earlier: Remote Code Execution
Null Dereference Denial of Service Vulnerability in OpenSSL
Pointer Reuse Vulnerability in util-linux Login Program
Denial of Service Vulnerability in OpenSSL 0.9.6 before 0.9.6d
Uninitialized Buffer Vulnerability in Samba 3.0.0 and 3.0.1
Buffer Overflow in ReadFontAlias Function of XFree86 4.1.0 through 4.3.0
Buffer Overflow in XFree86 ReadFontAlias Function
Unidentified Vulnerability in Mac OS X Mail Application (10.1.5 and 10.2.8) with Undetermined Impact
Unidentified Vulnerability in Mac OS X 10.3.2 Mail Application with Unknown Impact and Attack Vectors
Local Privilege Escalation Vulnerability in Mac OS 10.2.8 and 10.3.2 System Configuration Subsystem
Local Privilege Escalation in Mac OS 10.2.8 System Configuration Subsystem
TruBlueEnvironment Buffer Overflow Vulnerability in Mac OS X 10.3.x and 10.2.x
Unspecified Vulnerability in Windows File Sharing for Mac OS X: Potential Impact and Attack Vectors
Disputed Cross-Site Scripting (XSS) Vulnerability in vBulletin register.php
Unidentified Vulnerability in Safari Web Browser: Mac OS X 10.2.8 and 10.3.2
Out-of-Bounds Array Index Vulnerability in XFree86 4.1.0 with GLX and DRI
Integer Signedness Errors in XFree86 4.1.0: Remote Code Execution and Denial of Service Vulnerability
Buffer Overflow Vulnerability in McAfee ePolicy Orchestrator Agent
Denial of Service Vulnerability in mod_python 2.7.9
Multiple Remote Code Execution and Denial of Service Vulnerabilities in PWLib before 1.6.0
Insecure Flag Handling in mksnap_ffs in FreeBSD 5.1 and 5.2
Buffer Overflow Vulnerability in Crawl (before 4.0.0 beta23)
Metamail 2.7 and Earlier: Remote Code Execution via Multiple Format String Vulnerabilities
Remote Code Execution Vulnerabilities in Metamail 2.7 and Earlier
Unspecified Font File Handling Vulnerabilities in XFree86 4.1.0 to 4.3.0
Arbitrary File Overwrite Vulnerability in sysstat 4.0.7 and Earlier
Local Privilege Escalation via Symlink Attack in isag Utility
ISO9660 File System Component Buffer Overflow Vulnerability
Arbitrary Code Execution Vulnerability in XMLSoft Libxml2
Denial of Service Vulnerability in gdk-pixbuf before 0.20
Kerberos Ticket Length Check Vulnerability in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c
Memory Leak Vulnerability in mod_ssl in Apache 2.x before 2.0.49
Shared Memory Reference Count Vulnerability
Arbitrary File Overwrite and Code Execution Vulnerability in Microsoft Virtual PC for Mac
Denial of Service Vulnerability in RPCSS Service for Microsoft Windows 2000, XP, and 2003
H.323 Protocol Implementation Remote Code Execution Vulnerability
Vulnerability: Local Privilege Escalation in Windows NT 4.0 and Windows 2000 VDM Subsystem
Denial of Service and Arbitrary Code Execution Vulnerability in Windows SSP Interface
Denial of Service Vulnerability in Microsoft SSL Library
Outlook 2002 Argument Injection Vulnerability
Arbitrary File Reading Vulnerability in Microsoft MSN Messenger 6.0 and 6.1
Double Free Vulnerability in Windows ASN.1 Library: Remote Code Execution and Denial of Service
Object Identity Vulnerability in DCOM RPC Interface
Unverified Jail System Call Vulnerability in FreeBSD 4.x
Privilege Escalation via jail_attach System Call in FreeBSD 5.1 and 5.2
Directory Traversal Vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and Earlier
Remote File Inclusion Vulnerability in phpGedView 2.65.1 and Earlier: Arbitrary PHP Code Execution
Arbitrary File Read Vulnerability in phpMyAdmin 2.5.5 and Earlier
Sensitive Information Leakage in login.php of phpGedView 2.65 and earlier
Null Dereference Vulnerability in GNU Radius Daemon
Remote File Inclusion Vulnerabilities in ezContents 2.0.2 and Earlier
XFS File System Information Leak Vulnerability
Privilege Escalation via User-Provided Library Loading in CPR (libcpr) on SGI IRIX
SGI_IOPROBE System Call Privilege Escalation Vulnerability
Denial of Service Vulnerability in mapelf32exec Function Call in IRIX 6.5.20-6.5.24
Local Denial of Service Vulnerability in IRIX 6.5.20-6.5.24 init
Denial of Service Vulnerability in Linux Kernel 2.4 ELF Loader
BSD.A Kernel Networking Vulnerability in SGI IRIX 6.5.22-6.5.25: Unspecified Impact and Attack Vectors
Denial of Service Vulnerability in Nokia 6310(i) Mobile Phones via Malformed Bluetooth OBEX Messages
Bypassing Access Restrictions in wu-ftpd 2.6.2 and Earlier with Restricted-GID Option
Privilege Escalation Vulnerabilities in xboing before 2.4
Buffer Overflow in getaddrinfo Function in Python 2.2 Allows Remote Code Execution
Local Command Execution Vulnerability in xitalk 1.1.11 and Earlier
Multiple Stack-Based Buffer Overflows in emil 2.1.0 and Earlier
Format String Vulnerabilities in emil 2.1.0 and Earlier: Remote Code Execution
Denial of Service Vulnerability in rpc.mountd in nfs-utils
Unauthenticated IP Connections and Man-in-the-Middle Attacks via KAME IKE Daemon Racoon
Format string vulnerabilities in ssmtp die and log_event functions
Arbitrary Code Execution via Path Manipulation in xonix 1.4 and Earlier
Buffer Overflow Vulnerability in lbreakout2 Allows Local Privilege Escalation
Format String Vulnerability in hsftp 1.11 Allows Remote Code Execution and Denial of Service
Local Privilege Escalation Vulnerability in Synaesthesia 2.2 and Earlier
Bypassing Content Restrictions via MIME Messages with RFC2231 Encoding
Bypassing Content Restrictions via MIME Encapsulation in Security Products
Denial of Service Vulnerability in Sygate Secure Enterprise (SSE) 3.5MR3 and Earlier
Vulnerability: Remote Attackers Can Delete Certificates in KAME IKE Daemon (racoon)
Format String Vulnerability in PPPD 2.4.0 for Mac OS X 10.3.2 and Earlier
URL Spoofing Vulnerability in Safari for Mac OS X 10.2.8
Improper Initialization of Writeable Removable Media in DiskArbitration in Mac OS X 10.2.8 and 10.3.2
Unidentified Vulnerability in CoreFoundation: Notification Logging Exploit
Denial of Service Vulnerability in QuickTime Streaming Server
TCP Out-of-Sequence Packet Denial of Service Vulnerability
Heap-based Buffer Overflow in ltrace 0.3.10's search_for_command Function
Apache Directory Traversal Vulnerability
Denial of Service Vulnerability in Apache Web Server
Directory Traversal Vulnerability in OpenSSH's scp Allows Remote File Overwrite
Multiple Buffer Overflows in Ethereal Dissectors
Information Leak Vulnerability in ext3 File System
Denial of Service Vulnerability in Sound Blaster (sb16) Driver in Linux 2.4.x
Remote Code Execution via Format String Vulnerabilities in neon and Related Products
Remote Arbitrary File Creation Vulnerability in CVS Client
JFS File System Information Leak Vulnerability
Denial of Service Vulnerability in Mailman before 2.0.13
Denial of Service Vulnerability in TCPDUMP 3.8.1 and Earlier via ISAKMP Delete Payload
Integer Underflow Vulnerability in TCPDUMP 3.8.1 and Earlier
Buffer Overflow Vulnerability in wu-ftpd 2.6.2 Allows Remote Code Execution
Privilege Escalation via Samba Share Mounting Vulnerability
Calife 2.8.5 and Earlier: Heap-Based Buffer Overflow Vulnerability
Bypassing URL_regex ACLs in Squid 2.5STABLE4 and earlier via NULL character vulnerability
Cleartext Password Vulnerability in Symantec FireWall/VPN Appliance Model 200
Cross-Domain and Cross-Site Scripting (XSS) Vulnerability in Mozilla 1.4.2 and Earlier
Symantec Gateway Security 2.0 Management Service XSS Vulnerability
Heap-based Buffer Overflow in ISS Protocol Analysis Module (PAM) Allows Remote Code Execution
Stack-based Buffer Overflow in Adobe Acrobat Reader 5.1's OutputDebugString Function with XFDF Data
Remote Code Execution Vulnerability in Microsoft Jet Database Engine 4.0
Arbitrary Code Execution via HCP URLs in Microsoft Windows XP and Windows Server 2003 SP1 Help and Support Center
JPEG Parsing Engine Buffer Overflow Vulnerability in Microsoft GDIPlus.dll
Heap-based Buffer Overflow in HtmlHelp Program (hh.exe) Allows Remote Code Execution
Denial of Service Vulnerability in Microsoft DirectPlay API
Outlook Web Access XSS Vulnerability
Directory Traversal Vulnerability in Crystal Reports Web Viewers
Buffer Overflow Vulnerability in IIS 4.0 Redirect Function
Remote Code Execution and Privilege Escalation Vulnerability in NetDDE Services
Privilege Escalation through Window Management API in Microsoft Windows
Privilege Escalation via Virtual DOS Machine (VDM) Subsystem in Windows NT 4.0, 2000, XP, and Server 2003
Remote Code Execution Vulnerability in Microsoft Windows Graphics Rendering Engine
Buffer Overflow Vulnerability in POSIX Component of Microsoft Windows NT and Windows 2000
Denial of Service Vulnerability in Microsoft Windows Server 2003 Kernel
Stack-based Buffer Overflow in Task Scheduler and Internet Explorer
Privilege Escalation via Shatter-Style Attack in Windows 2000 Utility Manager
Buffer Overflow Vulnerability in Microsoft Internet Explorer and Explorer on Windows XP SP1, Windows 2000, Windows 98, and Windows Me
Denial of Service Vulnerability in Microsoft Outlook Express 5.5 and 6
Integer Overflow in Install Engine (inseng.dll) in Internet Explorer 5.01, 5.5, and 6
Symlink Attack Vulnerability in Symantec AntiVirus Scan Engine for Red Hat Linux
Denial of Service Vulnerability in isakmpd in OpenBSD 3.4 and Earlier
Denial of Service Vulnerability in isakmpd in OpenBSD 3.4 and Earlier
Denial of Service Vulnerability in isakmpd in OpenBSD 3.4 and Earlier
Denial of Service Vulnerability in isakmpd in OpenBSD 3.4 and Earlier
Memory Exhaustion Vulnerability in OpenBSD's isakmpd
Buffer Overflow Vulnerabilities in Courier-IMAP, Courier, and SqWebMail
Buffer Overflow Vulnerabilities in Midnight Commander (mc) Prior to Version 4.6.0
Buffer Overflow in zms Script in ZoneMinder: Remote Code Execution Vulnerability
Privilege Escalation via Integer Signedness Error in Linux Kernel 2.6 cpufreq Proc Handler
Framebuffer Driver Vulnerability in Linux Kernel 2.6.x
Large Window Size in TCP: A Vulnerability Exploiting Sequence Number Guessing for Denial of Service Attacks
Insecure Temporary File and Directory Creation Vulnerabilities in Midnight Commander (mc)
Format string vulnerabilities in Midnight Commander (mc) before 4.6.0: Denial of Service and Arbitrary Code Execution
Directory Traversal Vulnerability in Utempter Allows Arbitrary File Overwrite
Stack-based buffer overflows in LHA 1.14's get_header function allow arbitrary code execution via long directory or file names in an LHA archive
LHA 1.14 Multiple Directory Traversal Vulnerabilities
SQL Injection Vulnerability in login.asp Allows Unauthorized Access
Directory Traversal Vulnerability in Aprox PHP Portal's index.php Allows Remote File Read
Multiple Buffer Overflows in Overkill (0verkill) 0.15pre3: Local and Remote Code Execution Vulnerabilities
SQL Injection Vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 and Earlier
X-Cart 3.4.3 Directory Traversal Vulnerability
Arbitrary Command Execution in X-Cart 3.4.3 via perl_binary Argument
Information Disclosure Vulnerability in X-Cart 3.4.3
Inconsistent Login Message Vulnerability
Denial of Service Vulnerability in Cisco 6000, 6500, and 7600 Series Systems with MSFC2 and FlexWAN/OSM Module
Denial of Service Vulnerability in Web Crossing 4.x and 5.x
Arbitrary PHP Code Execution via Remote File Inclusion in Les Commentaires 2.0
Chaser 1.50 and Earlier Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in PHPX 3.2.3 Allows Remote Code Execution
Account Hijacking Vulnerability in PHPX 2.0 through 3.2.4
SQL Injection Vulnerability in PhotoPost PHP Pro 4.6 and Earlier
Arbitrary Script Execution via rxgoogle.cgi XSS Vulnerability
Denial of Service Vulnerability in TYPSoft FTP Server 1.10
Remote Code Execution and Denial of Service Vulnerability in IBM Cloudscape 5.1
Discuz! Board 2.x and 3.x Cross-Site Scripting (XSS) Vulnerability via img Tag
Xlight 1.52 Denial of Service Vulnerability via Long Directory Request
Local Privilege Escalation via Symlink Attack in GNU libtool
IPv6 Denial of Service Vulnerability in OpenBSD and NetBSD
Buffer Overflow Vulnerabilities in RealOne Player and RealPlayer Enterprise
Bypassing Access Restrictions via Empty or Spoofed HTTP Referer in Formmail.php
Arbitrary File Deletion Vulnerability in CactuSoft CactuShop 5.0 Lite
OpenJournal 2.0 through 2.0.5 Authentication Bypass Vulnerability
Stack-based Buffer Overflow in The Palace 3.5 and Earlier Client via palace:// URL
Global Variable Leakage in PHP 4.3.4 and Earlier in Apache 1.x and 2.x (mod_php)
Denial of Service Vulnerability in palmhttpd for PalmOS
Arbitrary Script Execution via URL-Encoded Parameters in Php-Nuke Modules
SQL Injection Vulnerability in Php-Nuke Public Message Capability
Arbitrary File Overwrite Vulnerability in eTrust InoculateIT for Linux 6.0
Buffer Overflow Vulnerabilities in EvolutionX 3921 and 3935: Remote Denial of Service (DoS) via FTP and Telnet Commands
SQL Injection Vulnerability in PHP-Nuke 6.9 and Earlier: Remote Code Injection and Sensitive Information Disclosure
Denial of Service Vulnerability in libclamav of Clam AntiVirus 0.65
Multiple Cross-Site Scripting (XSS) Vulnerabilities in MaxWebPortal
MaxWebPortal SQL Injection Vulnerability in Personal Messages
Arbitrary File Upload Vulnerability in RealOne Player
Incorrect STAT_OFFERED Assignment Vulnerability in Eggheads Eggdrop IRC Bot 1.6.10 - 1.6.15
SQL Injection Vulnerability in BosDates 3.2 and Earlier: Exploiting the Calendar Parameter
Denial of Service Vulnerability in Monkey HTTP Daemon (monkeyd) 0.8.1 and Earlier
Dream FTP 1.02 Format String Vulnerability
Denial of Service Vulnerability in Ratbag Game Engine
Local File Overwrite Vulnerability in aimSniff.pl 0.9b
Remote Code Disclosure in Caucho Technology Resin 2.1.12 via Encoded Space Character in JSP File Name
Information Disclosure Vulnerability in Caucho Technology Resin 2.1.12
Denial of Service Vulnerability in Crob FTP Daemon 3.5.2
Arbitrary File Overwrite Vulnerability in Mailmgr 1.2.3
Denial of Service Vulnerability in Microsoft Internet Explorer and Outlook
Remote File Inclusion Vulnerabilities in AllMyVisitors, AllMyLinks, and AllMyGuests via _AMVconfig[cfg_serverpath] Parameter
Buffer Overflow Vulnerability in RobotFTP 1.0 and 2.0 beta 1
Denial of Service Vulnerability in Xlight FTP Server 1.52 via Long RETR Command Argument
Remote Code Execution Vulnerability in mnoGoSearch 3.2.13-3.2.15 via Buffer Overflow in UdmDocToTextBuf Function
Buffer Overflow Vulnerability in sdbscan in SignatureDB 0.1.1
Remote Code Execution Vulnerability in Purge Jihad 2.0.1 and Earlier
SQL Injection Vulnerability in post.php Allows Password Retrieval
Buffer Overflow Vulnerability in KarjaSoft Sami HTTP Server 1.0.4
Directory Traversal Vulnerability in ShopCartCGI 2.3 Allows Remote File Retrieval
User Enumeration Vulnerability in YaBB 1 SP 1.3.1
Denial of Service Vulnerability in Broker FTP 6.1.0.0
Remote Denial of Service (DoS) Vulnerability in Broker FTP 6.1.0.0
Buffer Overflow Vulnerability in Ipswitch IMail Server 8.03 LDAP Daemon (iLDAP.exe 3.9.15.10)
Denial of Service Vulnerability in CesarFTP 0.99e via Long RETR Parameter
Buffer Overflow Vulnerability in smallftpd 0.99 Allows Denial of Service via FTP Request
SQL Injection Vulnerability in Online Store Kit 3.0: Unauthorized Access via Multiple Parameters
Arbitrary HTML Injection Vulnerability in Online Store Kit 3.0's more.php
OWLS 1.0 Directory Traversal Vulnerability
Arbitrary File Retrieval Vulnerability in OWLS 1.0
SQL Injection Vulnerability in WebCortex WebStores 2000 6.0: Unauthorized Access and Arbitrary Command Execution via browse_items.asp
WebCortex WebStores 2000 6.0 Error.asp Cross-Site Scripting (XSS) Vulnerability
Default TFTP Service Enabled on Cisco ONS Devices Allows Unauthorized File Access
Denial of Service Vulnerability in Cisco ONS 15327, ONS 15454, and ONS 15454 SD
Unauthorized Access via Telnet Connection to VxWorks Shell in Cisco ONS Devices
Stack-based Buffer Overflow in ZoneAlarm SMTP Service
LiveJournal 1.0 and 1.1 Cross-Site Scripting (XSS) Vulnerability
Default Password Vulnerability in APC Web/SNMP Management SmartSlot Card 3.0 through 3.0.3 and 3.21
Linksys WAP55AG 1.07 SNMP Read/Write Community String Vulnerability
Buffer Overflow Vulnerability in PSOProxy 0.91: Remote Code Execution and Denial of Service
Arbitrary Script Execution via Cross-Site Scripting (XSS) in WebzEdit 1.9 and Earlier
Avirt Voice 4.0 Buffer Overflow Vulnerability
Buffer Overflow Vulnerability in Avirt Soho 4.3 Allows Remote Denial of Service Attacks
Buffer Overflow Vulnerability in eauth in Load Sharing Facility 4.x, 5.x, and 6.x
Privilege Escalation via LSF_EAUTH_UID Environment Variable
Arbitrary Script Execution via XSS Vulnerability in ezBoard 7.3u Font Tag
nCipher Hardware Security Modules (HSM) Local Memory Access Vulnerability
Denial of Service Vulnerability in Team Factor 1.25 and Earlier
Multiple Cross-Site Scripting (XSS) Vulnerabilities in XMB 1.8 Final SP2
Multiple SQL Injection Vulnerabilities in XMB 1.8 Final SP2 and XMB 1.9 Beta
Remote Code Execution Vulnerability in Confirm 0.62 and Earlier via Email Header
Denial of Service Vulnerability in TYPSoft FTP Server 1.10
GateKeeper Pro 4.7 Web Proxy Buffer Overflow Vulnerability
Arbitrary File Retrieval Vulnerability in PhpNewsManager 1.46
Local Network Authentication Bypass in Gigabyte Gn-B46B 2.4Ghz Wireless Broadband Router Firmware 1.003.00
Denial of Service Vulnerability in FreeChat 1.1.1a
Buffer Overflow Vulnerability in Serv-U FTP Server
Dell OpenManage Web Server 3.4.0 Heap-Based Buffer Overflow Vulnerability
Insecure Password Validation in Extremail 1.5.9 Allows Remote Privilege Escalation
Buffer Overflow in UUDeview Package Allows Remote Code Execution
InnoMedia VideoPhone Basic Authorization Bypass Vulnerability
Directory Listing Vulnerability in LAN SUITE Web Mail 602Pro
Sensitive Information Disclosure in LAN SUITE Web Mail 602Pro
LAN SUITE Web Mail 602Pro Cross-Site Scripting (XSS) Vulnerability
SQL Injection Vulnerability in Invision Board Forum's search.php Allows Remote Code Execution
Arbitrary Script Execution via Cross-Site Scripting (XSS) in phpBB ViewTopic.php
Stack-based Buffer Overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10
Denial of Service Vulnerability in WFTPD Pro Server 3.21 Release 1
Denial of Service Vulnerability in WFTPD Pro Server 3.21 Release 1 with XeroxDocutech Option
SQL Injection Vulnerabilities in YaBB SE 1.5.4 through 1.5.5b: Remote Code Execution
Arbitrary File Deletion Vulnerability in YaBB SE ModifyMessage.php
Remote Code Execution Vulnerability in Red Faction Client 1.20 and Earlier via Long Server Name
Off-by-one Buffer Overflow in ProFTPD 1.2.7 through 1.2.9rc2p via RETR Command
NetScreen-SA 5000 Series Firmware 3.3 Patch 1 XSS Vulnerability
SQL Injection Vulnerability in SpiderSales Shopping Cart Software
Arbitrary File Viewing Vulnerability in GWeb HTTP Server 0.6
Insecure Private Key Length Enforcement in SpiderSales Shopping Cart
Insecure Storage of Private Key in Spider Sales Shopping Cart
Denial of Service Vulnerability in Cisco 11000 Series Content Services Switches
Buffer Overflow Vulnerabilities in GNU Anubis Auth_ident() Function
Multiple Format String Vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92, and 3.9.93
Invision Power Board 1.3 Final Information Disclosure Vulnerability
Stack-based Buffer Overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and Earlier
Remote Code Execution Vulnerability in SL Mail Pro 2.0.9
Arbitrary Script Execution in VirtuaNews Admin Panel Pro 1.0.3
Arbitrary Script Execution via Cross-Site Scripting (XSS) in Invision Power Board 1.3 final
Privilege Escalation Vulnerability in Solaris 8.0 and 9.0 passwd(1)
Denial of Service Vulnerability in Safari's JavaScript Engine
Stack-based Buffer Overflow in ICQ Parsing Routines of ISS Protocol Analysis Module
Stack-based Buffer Overflow in SymSpamHelper ActiveX Component in Norton AntiSpam 2004
Arbitrary Program Execution Vulnerability in Norton Internet Security 2004
Null Dereference Vulnerability in Ethereal's dissect_attribute_value_pairs Function
Arbitrary SQL Execution Vulnerability in libpam-pgsql Library
Denial of Service Vulnerability in Ethereal 0.10.1 to 0.10.2
Double Free Vulnerability in dtlogin Allows Remote Code Execution via Crafted XDMCP Packet
Remote Code Execution Vulnerability in Entrust LibKmp ISAKMP Library
IPv6 setsockopt Vulnerability in FreeBSD 5.2: Kernel Memory Read and System Panic
Cross-Realm Impersonation Vulnerability in Heimdal 0.6.x and 0.5.x
Arbitrary File Overwrite Vulnerability in xine's Bug Report Email Generation
Arbitrary Variable Exposure in Interchange before 5.0.1
Denial of Service Vulnerability in Symantec Norton Internet Security and Firewall Products
Denial of Service Vulnerability in oftpd 0.3.6 and Earlier via Large PORT Command
Buffer Overflow in win32_stat Function Allows Arbitrary Command Execution
Microsoft SharePoint Portal Server 2001 Multiple Cross-Site Scripting (XSS) Vulnerabilities
MHTML URL Processing Vulnerability
MySQL Symlink Attack Vulnerability
Unspecified Vulnerability in CUPS Printing System in Mac OS X 10.3.3 and Mac OS X 10.2.8
HTML-Formatted Email Vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8
Heap-based Buffer Overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0
Buffer Overflow Vulnerability in MPlayer HTTP Parser
RT3 Plugin Stack-based Buffer Overflow Vulnerability
MySQL mysqld_multi Script Symlink Attack Vulnerability
Denial of Service Vulnerability in RealNetworks Helix Universal Server 9.0.1 and 9.0.2
Xauthority Style Access Control Bypass in SCO OpenServer 5.0.5-5.0.7
Hardcoded Username and Password Vulnerability in Cisco Wireless LAN Solution Engine and Hosting Solution Engine
Denial of Service Vulnerability in racoon (before 20040407b) via Malformed IKE Message
Format String Vulnerability in rlpr daemon (rlprd) 2.0.4 Allows Remote Code Execution
Potential Buffer Overflow in Linux 2.4.x Panic() Function
Privilege Escalation Vulnerability in xatitv Program
Heap-based Buffer Overflow in CVS 1.11.x and 1.12.x via pserver Mechanism
Remote Code Execution Vulnerability in Subversion 1.0.2 and Earlier via apr_time_t Data Conversion
Remote Code Execution Vulnerability in neon library (libneon) 0.24.5 and earlier
Exim Sender Verification Stack-based Buffer Overflow Vulnerability
Exim 4 Buffer Overflow Vulnerability
DER Parsing Vulnerability in libtasn1 0.1.x and 0.2.x
Buffer Overflow Vulnerability in xpcd-svga Allows for Arbitrary Code Execution
Denial of Service Vulnerability in Racoon (pre-20040408a) via Large Length Field in ISAKMP Packet
Arbitrary File Overwrite Vulnerability in logcheck before 1.1.1
Arbitrary File Read Vulnerability in CVS before 1.11
Denial of Service (Disk Consumption) Vulnerability in ColdFusion MX 6.1
Remote Code Execution Vulnerability in ident2 ident daemon
Remote Code Execution Vulnerability in XChat Socks-5 Proxy Code
Remote Code Execution via URI Handlers in Konqueror
Mailman Password Disclosure Vulnerability
Heap-based Buffer Overflow in libsvn_ra_svn in Subversion 1.0.4
Malformed Entry Lines Vulnerability in CVS 1.12.x and 1.11.x
64-bit File Offset Pointer Conversion Vulnerability in Linux Kernel
Double Free Vulnerability in CVS 1.12.x and 1.11.x
Integer Overflow in Max-dotdot CVS Protocol Command
Out-of-Bounds Write Vulnerability in CVS 1.12.x and 1.11.x
XDM in XFree86 ChooserFd TCP Socket Vulnerability
Arbitrary Code Execution Vulnerability in Windows Shell Application
Out-of-Bounds Read Denial of Service Vulnerability in libpng
Insecure Temporary File Creation in flim before 1.14.3 Allows Arbitrary File Overwrite via Symlink Attack
Local Privilege Escalation via Symlink Attack in ssmtp 2.50.6 and Earlier
Integer Overflow Vulnerability in Linux Kernel's ip_setsockopt Function
Heap-based Buffer Overflow in SiteMinder Affiliate Agent 4.x via Large SMPROFILE Cookie
Path Traversal Vulnerability in rsync before 2.6.1
Memory Leak Vulnerability in Linux Kernel's do_fork Function
Unspecified Vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server
Unspecified Vulnerability in RAdmin for Apple Mac OS X: Handling of Large Requests
Stack-based Buffer Overflow in AppleFileServer for Mac OS X 10.3.3 and Earlier
Heap-based Buffer Overflow in Apple QuickTime (QuickTime.qts) via Integer Overflow
ProFTPD 1.2.9 CIDR ACL Bypass Vulnerability
Multiple Buffer Overflows in RTSP Client for MPlayer and xine-lib
Heap-based Buffer Overflow in k5admind (kadmind) for Heimdal
Cache Consistency Vulnerability in FreeBSD's msync System Call
Denial of Service Vulnerability in Titan FTP Server 3.01 Build 163
Multiple Vulnerabilities in SYMDNS.SYS for Symantec Products
Denial of Service Vulnerability in Symantec Norton Products
Linux Local Denial of Service Vulnerability
Format String Vulnerability in jftpgw 0.13.4 and Earlier: Remote Code Execution
Format String Vulnerability in log2mail Allows Arbitrary Code Execution
Format string vulnerabilities in logquit, logerr, and loginfo functions in Software Upgrade Protocol (SUP)
Race condition vulnerability in Perl's File::Path module allows local users to delete arbitrary files and directories via symlink attack
Format String Vulnerability in VICE Monitor Memory Dump Command
Buffer Overflow Vulnerability in rlprd 2.04 Allows Local Code Execution
Buffer Overflow Vulnerability in www-sql Allows Arbitrary Code Execution
Stack-based Buffer Overflow in Pavuk 0.9pl28 and Earlier Versions via Long HTTP Location Header
Symlink Attack Vulnerability in mysqlhotcopy Script
Denial of Service (Server Crash) Vulnerability in Mah-Jong before 1.6.2
Denial of Service Vulnerability in IEEE 802.11 CCA Algorithm
Remote Code Execution and Denial of Service Vulnerability in ISC DHCP 3.0.1rc12 and 3.0.1rc13
Buffer Overflow Vulnerability in ISC DHCPD 3.0.1rc12 and 3.0.1rc13
Insecure Cookie Handling in Built-in Web Servers of Networking Devices
Directory Traversal Vulnerability in WebConnect Allows Arbitrary File Reading
Denial of Service Vulnerability in WebConnect 6.5 and Earlier Versions
Denial of Service Vulnerability in Juniper JUNOS 5.x through JUNOS 7.x via Unfiltered MPLS Packets
Juniper JUNOS Packet Forwarding Engine (PFE) Memory Leak Vulnerability
Buffer Overflow Vulnerability in Check Point VPN-1 and FireWall-1 NG Products
Inadvertent Removal of Security-Role-Assignment Tags in BEA WebLogic Server and WebLogic Express
Unrestricted Server Control Vulnerability in BEA WebLogic Server and WebLogic Express
Argument Injection Vulnerability in Opera Telnet URI Handling
Remote File Read/Execution Vulnerability in Help Center (HelpCtr.exe)
Arbitrary Local File Execution Vulnerability in Internet Explorer 6 on Windows XP Pro
Buffer Overflow Vulnerability in 3Com OfficeConnect Remote 812 ADSL Router 1.1.9.4
3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability
Mozilla Denial of Service Vulnerability: High CPU/RAM Consumption via Infinite Loop in Javascript
Denial of Service Vulnerability in Internet Explorer 6 via JavaScript Popup Window
Argument Injection Vulnerability in IBM Lotus Notes 6.0.3 and 6.5
Symlink Attack Vulnerability in KCMS Logging Feature
Multiple Integer Overflows in OpenBSD Procfs Components Allow Unauthorized Access to Kernel Memory
Denial of Service Vulnerability in rpc.mountd for SGI IRIX 6.5.24
Denial of Service Vulnerability in Microsoft Internet Explorer 6.0.2800
Arbitrary File Write Vulnerability via Disk Image Mounting on Mac OS X 10.3.3 and 10.2.8
Arbitrary Code Execution Vulnerability in Mac OS X HelpViewer
Remote Code Execution and Denial of Service Vulnerability in Symantec Norton AntiVirus 2004 ActiveX Control
Stack-based Buffer Overflow in Apache mod_ssl
SSH URI Handler Argument Injection Vulnerability in Safari on Mac OS 10.3.3 and Earlier
Arbitrary PHP Code Execution Vulnerability in cPanel with Apache 1.3.29 and PHP
Improper mlock Page Count Maintenance Vulnerability in Red Hat Enterprise Linux 3
Apache mod_proxy Heap-based Buffer Overflow Vulnerability
Denial of Service and Heap-based Buffer Overflow Vulnerability in Apache httpd 2.0.49
Remote Code Execution Vulnerability in GNOME Virtual File System (VFS)
Unknown vulnerabilities in Linux kernel 2.4 and 2.6: Privilege Escalation and Kernel Memory Access
Unknown Privilege Escalation and Kernel Memory Access Vulnerabilities in Linux Kernel 2.6
Local Privilege Escalation Vulnerability in Linux Kernel 2.x
Denial of Service Vulnerability in StoneSoft Firewall Engine 2.2.8 and Earlier
Buffer Overflow in Gaim MSN Protocol Plugins
Outlook 2003 VML Entity Remote URL Request Vulnerability
Predictable Location Vulnerability in Outlook 2003 Allows Remote Code Execution
Remote Code Execution via OLE Object in Microsoft Outlook 2003
Denial of Service Vulnerability in Ethereal 0.10.3 via SIP Messages
Denial of Service Vulnerability in Ethereal 0.10.3 AIM Dissector
Null Pointer Dereference Vulnerability in SPNEGO Dissector in Ethereal 0.9.8 to 0.10.3
Buffer Overflow Vulnerability in Ethereal 0.10.1 to 0.10.3: Remote Code Execution and Denial of Service
Buffer Overflow Vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7
Null Dereference Vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7
MMDF Denial of Service Vulnerabilities
Unspecified vulnerability in Mac OS X before 10.3.4 allows unauthorized access through system call logging.
Directory Services Lookup Vulnerability in Mac OS X 10.3.4 LoginWindow
Console Log File Handling Vulnerability in LoginWindow for Mac OS X 10.3.4
Unidentified Vulnerability in Mac OS X 10.3.4: Package Installation Script Vulnerability
Mac OS X 10.3.4 Vulnerability: Process ID Handling during Package Installation
Unspecified Vulnerability in AppleFileServer for Mac OS X 10.3.4
Multiple Cross-Site Scripting (XSS) Vulnerabilities in SquirrelMail 1.4.2
Arbitrary HTML and Script Injection in SquirrelMail Mime.php
SQL Injection Vulnerability in SquirrelMail before 1.4.3 RC1
Authentication Bypass Vulnerability in Gallery 1.4.3 and Earlier
Remote Code Execution Vulnerability in MIT Kerberos 5 (krb5) 1.3.3 and earlier
Buffer Overflow in chpasswd Command in Change_passwd Plugin
Denial of Service Vulnerability in HP Integrated Lights-Out (iLO) Versions 1.10 to 1.55
URL Spoofing Vulnerability in Internet Explorer and Outlook
URL Spoofing Vulnerability in KDE Konqueror 2.1.1 and 2.2.2
URL Spoofing Vulnerability in Netscape Navigator 7.1
Privilege Escalation Vulnerability in cPanel's Modified suexec Program
Arbitrary Code Execution Vulnerability in PHP Package in Slackware 8.1, 9.0, and 9.1
Arbitrary File Deletion Vulnerability in Business Objects WebIntelligence 2.7.0 - 2.7.4
Arbitrary Script Injection in Business Objects InfoView
Memory Initialization Vulnerability in e1000 Driver for Linux Kernel 2.4.26 and Earlier
Format String Vulnerability in Tripwire Commercial and Open Source Versions
Vulnerability: Wide Icon Phishing Attack in Opera 7.50 and Earlier
Automatic Execution of Applications in Mac OS X 10.3.4 and 10.2.8: A Vulnerability Allowing Arbitrary Code Execution
Arbitrary Code Execution via Safari's Show in Finder Button
Windows 2000 Domain Login Vulnerability
Buffer Overflow in ntlm_check_auth Function in Squid Web Proxy Cache
Shell Metacharacter Injection Vulnerability in PHP 4.3.7 and earlier on Win32 Platforms
SQL Injection Vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8
Buffer Overflow Vulnerabilities in LVM for AIX 5.1 and 5.2
Local Privilege Escalation via Symlink Attack in LVM for AIX 5.1 and 5.2
Buffer Overflow Vulnerability in PostgreSQL ODBC Driver (pre-7.2.1) Allows Remote Denial of Service
Stack-based buffer overflows in Aspell's word-list-compress functionality allow for arbitrary code execution
Arbitrary Code Execution via showModalDialog Method in Internet Explorer 6
Buffer Overflow in RealPlayer 10: Remote Code Execution via URL
Cisco Catalyst Switches TCP-ACK DoS Vulnerability
Vulnerability: Bypassing Detection with Reserved MS-DOS Device Names in Sophos Small Business Suite 1.00 on Windows
Denial of Service Vulnerability in Linux Kernel 2.4.x and 2.6.x for x86
Remote Code Execution Vulnerability in queue before 1.30.1
Buffer Overflow Vulnerabilities in Sound eXchange (SoX) WAV File Parsing
Denial of Service Vulnerability in CUPS IPP Implementation
Usermin Local File Overwrite Vulnerability
Integer Overflow Vulnerability in Gopher Daemon (gopherd) 3.0.3
Format String Vulnerability in Gopher Daemon (gopherd) 3.0.3: Remote Code Execution and Denial of Service
World Readable Permissions in tspc.conf Configuration File on Debian Linux
Local Privilege Escalation in Roaring Penguin pppoe (rp-ppoe)
Floating Point Information Leak in Linux 2.4.x Context Switch Code
Windows 2000 Integer Overflow Vulnerability in imgbmp.cxx
Name Validation Vulnerability
in Windows Internet Naming Service (WINS) Buffer Overflow Vulnerability in HyperTerminal Application Remote Code Execution Vulnerability in RPC Runtime Library for Microsoft Windows NT 4.0 Table Conversion Vulnerability in Microsoft Word for Windows 6.0 Converter Buffer Overflow in Windows Program Group Converter (grpconv.exe) Allows Remote Code Execution Buffer Overflow Vulnerability in Microsoft WordPerfect Converter Remote Code Execution Vulnerability in NNTP Component of Microsoft Windows and Exchange Servers Integer Overflow Vulnerability in DUNZIP32.DLL for Microsoft Windows XP, Windows Server 2003, and their 64-bit Editions Denial of Service Vulnerability in GNU Radius 1.1 with SNMP Enabled Arbitrary File Read Vulnerability in WinGate 5.2.3 and 6.0 beta 2 Arbitrary File Read Vulnerability in WinGate 5.2.3 and 6.0 beta 2 Super 3.23 Format String Vulnerability DHCP Buffer Overflow Vulnerability in Linksys Cable/DSL Routers Arbitrary File Deletion Vulnerability in ksymoops-gznm Script Webmin 1.140 Access Control Bypass Vulnerability Account Lockout Bypass Vulnerability in Webmin and Usermin Cross-Site Scripting (XSS) Vulnerability in Horde IMP 3.2.3 and Earlier Remote Code Execution in acpRunner ActiveX 1.2.5.0 via Download and SaveFilePath Methods Insecure Permissions in Linux /proc/scsi/qla2300/HbaApiNode File: Local Denial of Service Vulnerability Arbitrary HTML and Script Injection Vulnerability in Usermin 1.070 Web Mail Module Denial of Service Vulnerability in Cisco IOS BGP Routing Spoofed PKCS#7 Certificate Authentication Vulnerability Arbitrary Web Script Injection in SqWebMail 4.0.4 and Earlier Denial of Service Vulnerability in tcp_find_option Function of SUSE Linux Kernel Broadcast Traffic Bypass Vulnerability in Sygate Enforcer 3.5MR1 and Earlier Arbitrary Code Execution via Memory Limit Vulnerability Null Character Bypass in strip_tags Function Allows Cross-Site Scripting (XSS) Exploitation Denial of Service Vulnerability in Linux Kernel 2.6.x up 
to 2.6.7 Buffer Overflow Vulnerabilities in libpng 1.2.5 and Earlier Null Dereference Vulnerability in libpng 1.2.5 and Earlier Integer Overflow Vulnerabilities in libpng 1.2.5 and Earlier Arbitrary Code Execution Vulnerability in Samba Web Administration Tool (SWAT) Incorrect Interpretation of IP-based Access Control Rules in distcc before 2.16 on 64-bit Platforms Binary Compatibility Mode Vulnerability in FreeBSD 4.x and 5.x Remote Code Execution in gzexe in gzip 1.3.3 and earlier Denial of Service Vulnerability in giFT-FastTrack 0.8.6 and Earlier Unrestricted Rate-Limit Vulnerability in ircd-hybrid and ircd-ratbox Infoblox DNS One Firmware XSS Vulnerability Bypassing Authentication through OpenSSL Validation Failure in KAME Racoon Unreal Engine Remote Code Execution Vulnerability Remote File Existence Disclosure in rssh 2.0 through 2.1.x Denial of Service Vulnerability in Microsoft MN-500 Wireless Router Web Administration Interface Denial of Service Vulnerability in Netgear FVS318 VPN Router's Web-Based Administration SSL Encryption Bypass Vulnerability in ZoneAlarm Pro 5.0.590.015 Remote Code Execution and File Disclosure Vulnerability in osTicket osTicket Hidden Form Field Upload Size Bypass Vulnerability Arbitrary Script Injection Vulnerability in D-Link SOHO Routers Default Public SNMP Community Name Vulnerability ArbitroWeb 0.6 XSS Vulnerability in rawURL Parameter Denial of Service Vulnerability in FreeBSD 5.1 for Alpha Processor Buffer overflow vulnerability in Linux Broadcom 5820 cryptonet driver allows for denial of service and potential code execution Arbitrary HTML and Script Injection in vBulletin 3.0.1 Edit-panel Remote Code Execution in Newsletter ZWS via ulevel Parameter Memory Leakage Vulnerability in Apple Mac OS X Login Process Format String Vulnerability in GNU GNATS 4.00 Allows Remote Code Execution via syslog Logging Artmedic Links 5.0 - PHP Remote File Inclusion Vulnerability in index.php Authentication Bypass and Privilege Escalation via 
SQL Injection in Infinity WEB 1.0 Denial of Service Vulnerability in Linux Kernel 2.6 TCP Option Handling Authentication Bypass Vulnerability in MySQL 4.1.x and 5.0 MySQL Stack-based Buffer Overflow Vulnerability Buffer Overflow Vulnerability in Adobe Acrobat ActiveX Component (pdf.ocx) Arbitrary Code Execution via Filename in Adobe Acrobat Reader for Unix and Linux Buffer Overflow in Adobe Acrobat Reader uudecoding Feature Buffer Overflow Vulnerability in Adobe Reader 6.0 Integer Overflow Vulnerability in iSNS Dissector for Ethereal 0.10.3 through 0.10.4 SMB SID Snooping Denial of Service Vulnerability Denial of Service Vulnerability in Ethereal SNMP Dissector Buffer Overflow in AIM:Goaway URI Handler Allows Remote Code Execution Privilege Escalation via Publicly Accessible ctxsys.driload Package in Oracle Database Server 8.1.7.4 through 9.2.0.4 Buffer Overflow Vulnerability in Oracle 9i Database Server's dbms_system.ksdwrt Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in Squirrelmail 1.2.10 and Earlier Arbitrary Code Execution Vulnerability in SSLtelnetd 0.13 Predictable TCP Initial Sequence Numbers (ISNs) in Thomson SpeedTouch 510 ADSL Router Double Free Vulnerabilities in ASN.1 Decoders of MIT Kerberos 5 (krb5) 1.3.4 and Earlier Double Free Vulnerability in krb5_rd_cred Function in MIT Kerberos 5 (krb5) 1.3.1 and Earlier Denial of Service Vulnerability in MIT Kerberos 5 ASN.1 Decoder Library Buffer Overflow in wvWare Library's wvHandleDateTimePicture Function Buffer Overflow Vulnerability in JRun Web Server Connectors Symlink Attack Vulnerability in Shorewall 1.4.10c and Earlier, and 2.0.x before 2.0.3a Arbitrary Program Execution via shell: URI Protocol in Mozilla, Firefox, and Thunderbird Buffer Overflow in write_packet in control.c for l2tpd: Remote Code Execution Vulnerability Arbitrary File Upload and Execution in Cisco Collaboration Server (CCS) Denial of Service Vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 
Authentication Bypass Vulnerability in BEA WebLogic Server and WebLogic Express Plaintext Password Storage Vulnerability in Solaris 9 Kerberos Client BSM Audit Class Denial of Service Vulnerability Symlink Attack Vulnerability in eupdatedb Denial of Service Vulnerability in PureFTPd 1.0.18 and Earlier NTPd Integer Overflow Vulnerability Integer Overflow Vulnerability in IEEE 1394 (Firewire) Driver Buffer Overflow in MPlayer 1.0pre4's TranslateFilename in common.c Arbitrary Script Injection Vulnerability in CuteNews 1.3.1 Denial of Service Vulnerability in D-Link AirPlus DI-614+ Firmware 2.30 and Earlier Information Disclosure Vulnerability in PowerPortal 1.x via Invalid or Missing Parameters PowerPortal 1.x Cross-Site Scripting (XSS) Vulnerability PowerPortal 1.x Directory Traversal Vulnerability Information Disclosure Vulnerability in csFAQ.cgi Buffer Overflow Vulnerability in popclient 3.0b6 Privilege Escalation Vulnerability in RSBAC 1.2.2 through 1.2.3 Denial of Service Vulnerability in Lotus Domino 6.5.1 via Large Email Message Remote authenticated users can change their quota in Lotus Domino 6.5.0 and 6.5.1 with IMAP enabled using the IMAP setquota command. 
Denial of Service Vulnerability in Prestige 650HW-31 Router with Rompager 4.7 Software Remote Code Execution in Brightmail Spamfilter 6.0 and Earlier Beta Releases Cross-Site Scripting (XSS) Vulnerabilities in Netegrity IdentityMinder Web Edition 5.6 Arbitrary Web Script Execution via Invalid Request in SCI Photo Chat Server 3.4.9 Denial of Service Vulnerability in Enterasys XSR-1800 Series Security Routers Arbitrary Web Script Execution Vulnerability in Cart32 Shopping Cart Arbitrary File Creation and Deletion Vulnerability in Fastream NETFile FTP/Web Server Denial of Service Vulnerability in Fastream NETFile FTP Server 6.7.2.1085 and Earlier Arbitrary Script Execution via XSS in 12Planet Chat Server 2.9 Weak Hashing Scheme in IP Cloaking Feature of UnrealIRCd 3.2 Allows Brute Force IP Address Retrieval Default HTML Management Password Bypass Vulnerability in Zoom X3 ADSL Modem Cross-Site Scripting (XSS) Vulnerabilities in Comersus Cart 5.09 Price Manipulation Vulnerability in Comersus Cart 5.09 and Earlier Versions Denial of Service Vulnerability in Symantec Norton AntiVirus 2002 and 2003 Denial of Service Vulnerability in WebSphere Edge Server 5.02 Uninitialized Structure Vulnerability in Linux 2.4 USB Drivers Buffer Overflow Vulnerability in Samba with mangling method = hash Option Stack-based Buffer Overflow Vulnerabilities in libXpm Integer Overflow Vulnerabilities in libXpm Arbitrary File Creation and Truncation Vulnerability in KDE before 3.3.0 Local Privilege Escalation Vulnerability in KDE DCOPServer Heap-based Buffer Overflow in QT Library BMP Image Format Parser Denial of Service Vulnerability in QT Library's XPM Parser Denial of Service Vulnerability in QT Library GIF Parser Buffer Overflow Vulnerability in LHA 1.14 and Earlier Stack-based Buffer Overflow in 4D WebSTAR FTP Service Arbitrary Directory Listing Vulnerability in 4D WebSTAR 5.3.2 and Earlier Remote Information Disclosure Vulnerability in 4D WebSTAR 5.3.2 and Earlier Local File Inclusion 
Vulnerability in 4D WebSTAR 5.3.2 and Earlier Remote Code Execution Vulnerability in Check Point VPN-1 Products via Aggressive Mode IKE Format String Vulnerability in mod_proxy Hook Functions in mod_ssl Smartcard Detection Vulnerability in Sun Ray Server Software (SRSS) 1.3 and 2.0 Sensitive Information Disclosure in Bugzilla 2.17.1 through 2.17.7 Unauthorized Granting of Group Memberships in Bugzilla Administrative Controls Remote Information Disclosure Vulnerability in Bugzilla 2.16.x and 2.18 before 2.18rc1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Bugzilla 2.16.x and 2.18 Password Exposure in Bugzilla Image URLs Arbitrary SQL Execution in Bugzilla's editusers.cgi User Privilege Escalation via User-Group Name Collision in MoinMoin 1.2.1 and Earlier UTF-8 URL Decoding Vulnerability in HP OpenView Select Access 5.0 through 6.0 Denial of Service Vulnerability in Cisco Catalyst 6500 Series Switch and Cisco 7600 Series Internet Routers URL Pattern Matching Vulnerability in BEA WebLogic Server 6.x and 7.x Cleartext Storage of Administrative Credentials in BEA WebLogic Server Configuration Tools EJB Unexport Vulnerability in BEA WebLogic Server and WebLogic Express Cisco IOS Denial of Service Vulnerability WebLogic Authentication Provider Group Deletion Vulnerability Buffer Overflow in DCE Daemon (DCED) for HP-UX 11's DCE Endpoint Mapper (epmap) Allows Remote Code Execution Frame Injection Vulnerability in Opera 7.51 for Windows and 7.50 for Linux Frame Injection Vulnerability Frame Injection Vulnerability in Internet Explorer Frame Injection Vulnerability in Safari 1.2.2 Frame Injection Vulnerability in Konqueror 3.1.3 and 3.2.2 Arbitrary Code Execution via Integer Overflow in SOAPParameter Constructor Cross-Site Java Vulnerability in Microsoft Java Virtual Machine (VM) 5.0.0.3810 Empty Fragmented Packet Denial of Service Vulnerability Arbitrary Code Injection through help.php in Moodle 1.3.2 and 1.4 dev Remote Code Execution Vulnerability in Windows 
Media Player Control Similar Method Name Redirection Cross Domain Vulnerability Denial of Service Vulnerability in Microsoft Systems Management Server (SMS) 2.50.2726.0 Sensitive Information Disclosure in PhpBB 2.0.8 via Invalid Parameters Multiple Cross-Site Scripting (XSS) Vulnerabilities in PhpBB 2.0.8 Arbitrary Script Injection Vulnerability in Php-Nuke Search Module SQL Injection Vulnerability in Php-Nuke Search Module Allows Remote Code Execution Format String Vulnerability in OllyDbg 1.10: Remote Code Execution and Denial of Service Arbitrary Command Execution in Web_Store.cgi via Shell Metacharacters Remote Code Execution Vulnerability in Medal of Honor (1) Allied Assault, (2) Breakthrough, and (3) Spearhead on LAN Php-Nuke Search Module Path Disclosure Vulnerability Multiple Cross-Site Scripting Vulnerabilities in Php-Nuke Search Module Multiple SQL Injection Vulnerabilities in Php-Nuke Search Module Whisper FTP Surfer 1.0.7 Buffer Overflow Vulnerability Denial of Service Vulnerability in Lexmark T522 HTTP Server Denial of Service Vulnerability in LionMax Software WWW File Share Pro 2.60 Privilege Escalation and Data Modification Vulnerability in Sun Java System Portal Server 6.2 Information Leak Vulnerability in Safari for Mac OS X Denial of Service Vulnerability in Mac OS X TCP/IP Networking Component Arbitrary Command Execution Vulnerability in LHA 1.14 and Earlier Session Fixation Vulnerability in Konqueror Browser Apache 2.0.50 Buffer Overflow Vulnerability Denial of Service Vulnerability in mod_ssl in Apache 2.0.50 and Earlier Unrestricted Metadata Access Vulnerability in Subversion 1.0.7 and Earlier Insecure Permission Handling in redhat-config-nfs before 1.0.13 Denial of Service Vulnerability in mod_ssl Reverse Proxying Predictable Directory Names with Insecure Permissions in OpenOffice (OOo) 1.1.2 Denial of Service Vulnerability in BMP Image Processor Integer Overflow Vulnerability in Gaim Groupware Server Messages Insecure File Permissions in 
CGI::Session for Ruby Heap-based Buffer Overflow in SendUidl in POP3 Capability of Mozilla, Firefox, and Thunderbird Denial of Service Vulnerability in Mozilla 1.5 through 1.7 Arbitrary File Reading Vulnerability in Mozilla 1.7 Remote Code Execution Vulnerability in Mozilla via Null Character in FTP URI Spoofing Security Lock Icon Vulnerability Arbitrary Extension Installation Vulnerability in Mozilla, Firefox, and Thunderbird Certificate Spoofing Vulnerability in Mozilla Firefox 0.9.1 and 0.9.2 Remote Code Execution via chrome Flag and XUL Files Vulnerability: Inadequate Certificate Validation in Mozilla, Firefox, and Thunderbird NGSEC StackDefender 2.0 Denial of Service Vulnerability Denial of Service Vulnerability in NGSEC StackDefender 1.10 Buffer Overflow Vulnerability in libpng 1.2.5 and Earlier LHA Buffer Overflow Vulnerability in LHarc Format 2 Headers Arbitrary File Overwrite Vulnerability in DGen Emulator 1.23 and Earlier Buffer Overflow in LHA's extract_one function via long w command line option Double Free Vulnerability in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and Earlier Denial of Service Vulnerability in RealNetworks Helix Universal Server 9.0.2 and 9.0.3 Buffer Overflow Vulnerability in WIDCOMM Bluetooth Connectivity Software Format String Vulnerability in Courier-IMAP's auth_debug Function Arbitrary File and Directory Existence Disclosure in CVS 1.11.x and 1.12.x Insecure Password Caching in Mozilla, Firebird, and Firefox Web Browsers Buffer Overflow Vulnerability in uustat in Sun Solaris 8 and 9 Arbitrary Web Script Injection via UserAgent Parameter in Icecast Server Integer Overflow in XPM Image Decoder in gtk+ 2.4.4 and earlier Stack-based Buffer Overflow in XPM Image Decoder in gtk+ 2.4.4 and earlier Arbitrary Command Execution via Smileys in Gaim Multiple Buffer Overflows in Gaim 0.82: Remote Code Execution and Denial of Service Vulnerabilities Denial of Service Vulnerability in Apache 2.0.50 and Earlier Arbitrary Web Script Injection 
Vulnerability in OpenCA Web Frontend Integer Overflow in ICO Image Decoder Denial of Service Vulnerability in Multiple DNS Implementations Blind Connection-Reset Attack Vulnerability ICMP Source Quench Attack: Denial of Service via Blind Throughput-Reduction Directory Traversal Vulnerability in Rsync 2.6.2 and Earlier Privilege Escalation Vulnerability in bsdmainutils Calendar Program Multiple Signal Handler Race Conditions in lukemftpd Privilege Escalation via DB2RCMD.EXE and DB2REMOTECMD Named Pipe Denial of Service Vulnerability in SpamAssassin 2.5x and 2.6x Denial of Service Vulnerability in ZLib Compression Library 1.2.x Buffer Overflow in Ipswitch WhatsUp Gold _maincfgret.cgi Script Denial of Service Vulnerability in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 Format String Vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 Arbitrary Command Execution Vulnerability in Foomatic-rip Buffer Overflow in BMP Loader in Imlib2: Remote Code Execution Vulnerability Remote Code Execution Vulnerabilities in libtiff RLE Decoders Remote Denial of Service Vulnerability in libtiff's tif_dirread.c Buffer Overflow Vulnerability in mpg123 0.59r and 0.59s Privilege Escalation in cdrecord (cdrtools package) Denial of Service Vulnerability in Samba 3.0.6 and Earlier Denial of Service Vulnerability in Samba 3.0.6 and Earlier Apache mod_dav Denial of Service Vulnerability Buffer Overflow Vulnerability in Netopia Timbuktu 7.0.3 Apache 2.0.51 Vulnerability: Unauthorized Access to Restricted Resources TSS Limits Vulnerability in Linux Kernel SG_IO Functionality Vulnerability: Unauthorized Write and Erase Operations Bypass Race conditions in Linux terminal layer leading to data leakage and denial of service Arbitrary File Access Vulnerability in Samba's unix_clean_name Function Integer Underflow in iptables Firewall Logging Rules in Linux Heap-based Buffer Overflow in imlib BMP Image Handler Denial of Service Vulnerability in OpenBSD Bridge Functionality with IPSec Arbitrary 
Script Execution in Winamp Skin Files Privilege Escalation Vulnerability in CFPlugIn in Mac OS X Buffer Overflow Vulnerability in Core Foundation Framework in Mac OS X 10.2.8, 10.3.4, and 10.3.5 Vulnerability: OpenLDAP Authentication Bypass Symlink Attack Vulnerability in PPPDialer for Mac OS X 10.2.8 through 10.3.5 Denial of Service Vulnerability in QuickTime Streaming Server Remote Code Execution Vulnerability in NSS Library via Modified SSLv2 Client Hello Message Buffer Overflow Vulnerabilities in ImageMagick Graphics Library Privilege Escalation Vulnerability in RSCT ctstrtcasd Program Denial of Service Vulnerability in Samba 2.2.11 Denial of Service Vulnerability in F-Secure Anti-Virus and Internet Gatekeeper Privilege Escalation Vulnerability in McAfee VirusScan 4.5.1 Denial of Service Vulnerability in Squid 2.5.6 and Earlier with NTLM Authentication Fixed username and password vulnerability in Sendmail allows remote attackers to use as open mail relay Speedtouch USB Driver 1.3.1: Format String Vulnerability MySQL ALTER TABLE RENAME Vulnerability Buffer Overflow in mysql_real_connect Function in MySQL 4.x and 3.x Multiple Thread Denial of Service Vulnerability in MySQL 4.x and 3.x Insecure Password Storage in Lexar Safe Guard for JumpDrive Secure 1.0 Arbitrary Program Installation Vulnerability in Internet Explorer Arbitrary Code Execution Vulnerability in Microsoft Windows XP, Windows Server 2003, and Exchange Server 2003 Arbitrary Program Installation via HijackClick 3 and Script in Image Tag File Download Vulnerability in Internet Explorer 6.x CSS Heap Memory Corruption Vulnerability Plug-in Navigation Address Bar Spoofing Vulnerability Double Byte Character Set (DBCS) Systems Vulnerability: Address Bar Spoofing in Internet Explorer 6 SSL Content Caching Vulnerability in Internet Explorer 5.01, 5.5, and 6 Arbitrary Code Execution Vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac Path Validation Vulnerability in Microsoft .NET Forms 
Authentication for ASP.NET Remote Code Execution Vulnerability in Microsoft Office XP Integer overflow vulnerability in asn_decode_string() function in GNU Radius allows remote attackers to cause denial of service. Privilege Escalation Vulnerability in Star before 1.5_alpha46 Arbitrary File Overwrite Vulnerability in Net-Acct before 0.71 Buffer Overflow Vulnerability in htget 0.93: Remote Code Execution via Crafted URL Session Fixation Vulnerability in Internet Explorer 6.0 Session Fixation Vulnerability in Mozilla Firefox 0.9.2 and 2.x Cross-Site Cookie Injection Vulnerability in Internet Explorer Cross-Site Cookie Injection Vulnerability in KDE Konqueror Cross-Site Cookie Injection Vulnerability Cross Security Boundary Cookie Injection in Opera Browser Arbitrary Program Execution Vulnerability in Apple iChat AV Multiple Cross-Site Scripting (XSS) Vulnerabilities in Phpgroupware 0.9.16.002 and Earlier Symlink Attack Vulnerability in getmail 4.x before 4.2.0 Symlink Attack Vulnerability in getmail Buffer Overflow in Samba 3.0.x through 3.0.7 QFILEPATHINFO Request Handler Multiple Denial of Service and Information Disclosure Vulnerabilities in Samba Filesystem (smbfs) in Linux Kernel 2.4 and 2.6 Arbitrary Code Execution Vulnerability in Cyrus-SASL Libraries Apache mod_ssl SSLCipherSuite Directive Vulnerability Integer Overflow Vulnerabilities in libtiff 3.6.1 and Earlier Privilege Escalation Vulnerability in SUSE Linux Enterprise Server 9 on S/390 Platform Multiple Integer Overflows in xpdf and Related Packages: Remote Code Execution Vulnerability Multiple Integer Overflows in xpdf 3.0 and Related Packages: Remote Code Execution and Denial of Service Vulnerabilities Buffer Overflow Vulnerability in Gaim MSN Protocol Handler Spoofing Trusted Internet Content Vulnerability in Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 LPC Message Length Validation Vulnerability Privilege Escalation Vulnerability in LSASS Service of Windows Server 2000 and 2003 Buffer 
Overflow Vulnerability in Microsoft Windows XP and Server 2003 Indexing Service Logging Vulnerability in Microsoft Windows NT 4.0 Server and Terminal Server Edition DHCP Server Service DHCP Request Vulnerability in Microsoft Windows NT 4.0 Server and Terminal Server Edition Font Conversion Vulnerability in Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC) Multiple Heap-Based Buffer Overflows in Mozilla Firefox, Mozilla, and Thunderbird Stack-based buffer overflow in writeGroup function in nsVCardObj.cpp Arbitrary Code Execution via Integer Overflow in BMP Decoder Cross-Domain Scripting Vulnerability in Mozilla Firefox, Mozilla, and Thunderbird Insecure Permissions in XPInstall Installer: Arbitrary Code Execution Vulnerability Insecure Permissions Vulnerability in Linux Install Archives for Mozilla Firefox, Mozilla, and Thunderbird Clipboard Data Leakage Vulnerability Remote Code Execution via Signed Scripts in Mozilla Firefox, Mozilla, and Thunderbird Denial of Service Vulnerability in telnetd for Netkit 0.17 and Earlier on Debian GNU/Linux Privilege Escalation and Configuration Modification Vulnerability in ecartis 0.x and 1.x Multiple vulnerabilities in libXpm: Remote code execution and denial of service Information Disclosure Vulnerabilities in ViewCVS Directory Traversal Vulnerability in Cabextract Allows Arbitrary File Overwrite Unauthenticated Remote Information Disclosure in Vignette Application Portal Denial of Service Vulnerability in Squid Web Proxy Cache SNMP Module Kernel Memory Disclosure Vulnerability in FreeBSD 5.x via CONS_SCRSHOT ioctl MS-DOS Device Name Exploit in Symantec Norton AntiVirus 2004 and Earlier Versions Guests on AFP Server can terminate authenticated user mounts via modified SessionDestroy packets Improper Group ID Setting in AFP Server on Mac OS X Allows Unauthorized Read Access to AFP Drop Box Authentication Information Disclosure in CUPS 1.1.20 and Earlier Root Account Disabling Vulnerability in NetInfo Manager on Mac OS X 
10.3.x through 10.3.5 Username Length Denial of Service Vulnerability in Postfix on Mac OS X 10.3.x through 10.3.5 Heap-based Buffer Overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 via BMP Image Insecure Self-Signed Certificate in Mac OS X ServerAdmin Authentication Bypass and Source File Disclosure in Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE Heap-based Buffer Overflow in libtiff's OJPEGVSetField Function Denial of Service Vulnerability in Samba's ms_fnmatch Function Denial of Service Vulnerability in MySQL MaxDB 7.5.00.18 Bypassing Antivirus Protection via Zeroed Headers in McAfee Anti-Virus Engine Antivirus Bypass Vulnerability in CA InoculateIT, eTrust Antivirus, and EZ-Armor Bypassing Antivirus Protection in Kaspersky 3.x to 4.x via Zeroed Headers in Compressed Files Eset Anti-Virus Vulnerability: Bypassing Antivirus Protection via Zeroed Compressed File Headers Remote Bypass of Antivirus Protection in RAV Antivirus via Zeroed Compressed File Headers Bypassing Antivirus Protection via Zeroed Headers in Sophos Anti-Virus Denial of Service Vulnerability in FreeRADIUS before 1.0.1 Unlimited Password Guessing Vulnerability in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x Buffer Overflow in mod_include Allows Arbitrary Code Execution via SSI Documents Buffer Overflow Vulnerabilities in libgd Graphics Library Apache Webserver Denial of Service Vulnerability Predictable Web Session IDs in Mitel 3300 ICP Web Management Interface Denial of Service Vulnerability in Mitel 3300 ICP Web Management Interface Stack-based Buffer Overflow in rquotad of nfs-utils (CVE-2021-20254) Buffer Overflow in unarj Allows Remote Code Execution via Long Filenames Fragmented Packet Vulnerability in Samba Filesystem (smbfs) Information Disclosure Vulnerability in NetOp Host HP Ignite-UX TFTP Server Password File Disclosure Vulnerability World-writable permissions vulnerability in HP-UX Ignite-UX TFTP Server Buffer Overflow 
Vulnerability in Jabberd C2S Module Denial of Service Vulnerability in MySQL 4.0.20 Privilege Escalation via Underscore in MySQL Database Names Sensitive Memory Disclosure via PHP Variable Length Calculation Arbitrary File Upload Vulnerability in PHP RFC1867.c Denial of Service Vulnerability in FreeRADIUS 1.0.1 and earlier Memory Leak Vulnerability in FreeRADIUS before 1.0.1 Allows Remote Denial of Service Privilege Escalation via Apple Remote Desktop Client 1.2.4 and Fast User Switching Buffer Overflow Vulnerability in Microsoft Word 2002 (10.6612.6714) SP3 and Other Versions Buffer Overflow Vulnerability in Zinf 2.2.1 and Older Versions Allows Arbitrary Code Execution via .pls File Arbitrary Code Execution via PATH Manipulation in stmkfont on HP-UX B.11.00 through B.11.23 Symlink Attack Vulnerability in GNU Gettext Package Symlink Attack Vulnerability in ESP Ghostscript Package Symlink Attack Vulnerability in catchsegv Script Symlink Attack Vulnerability in Groffer Script Symlink Attack Vulnerability in gzexe, zdiff, and znew Scripts Local Privilege Escalation via Symlink Attack in krb5-send-pr Script Symlink Attack Vulnerability in lvmcreate_initrd Script Local Privilege Escalation via Symlink Attack in netatalk Package Symlink Attack Vulnerability in der_chop Script of OpenSSL Package Symlink Attack Vulnerability in Perl Package Symlink Attack Vulnerability in PostgreSQL 7.4.5 and Earlier Heap-based Buffer Overflow in Heartbeat.ocx ActiveX Control Inconsistent Security Configuration in Internet Explorer on Windows XP Arbitrary Code Execution via Format String Vulnerability in ez-ipupdate.c Buffer Overflow in ImageMagick EXIF Parsing Routine Buffer Overflow in getauthfromURL Function in mpg123 Pre0.59s and 0.59r: Remote Code Execution Vulnerability Denial of Service Vulnerability in Ruby CGI Module Privilege Escalation Vulnerability in Mailutils' Dotlock Implementation Arbitrary Code Execution via Drag-and-Drop Vulnerability in Internet Explorer 6.x on Windows 
XP SP2 Iptables Startup Module Loading Vulnerability Remote Code Execution Vulnerability in yardradius 1.0.20 via Buffer Overflow in process_menu function Denial of Service Vulnerability in Apple QuickTime 6.5.2 and Earlier on Windows Systems Multiple Buffer Overflows in libXML 2.6.12 and 2.6.13 Integer Overflow in GD Graphics Library: Remote Code Execution and Denial of Service Vulnerability Buffer Overflow Vulnerability in mpg123 Allows Remote Code Execution via MP2 or MP3 Files Proxytunnel Format String Vulnerability in -a Option (Daemon Mode) Buffer Overflow Vulnerability in hpsockd before 0.6: Remote Code Execution and Denial of Service Heap-based Buffer Overflow in xzgv 0.8 and Earlier via Large Image Width and Height Values Arbitrary File Overwrite Vulnerability in cscope 15-4 and 15-5 Unspecified Privilege Escalation Vulnerability in Linux Kernel 2.4.17 and Earlier Telnetd-ssl 0.17 and Earlier Format String Vulnerability Denial of Service Vulnerability in zgv 5.5.3 via Crafted Multiple-Image GIF Images Symlink Attack Vulnerability in Lintian 1.23 and Earlier Unauthenticated Local Privilege Escalation in Shadow 4.0.4.1 Integer Underflow Vulnerability in pppd's cbcp.c Allows Remote Denial of Service Remote Code Execution and Information Disclosure Vulnerability in Trend ScanMail Multiple Format String Vulnerabilities in Midnight Commander (mc) 4.5.55 and Earlier Multiple Buffer Overflows in Midnight Commander (mc) 4.5.55 and Earlier: Remote Code Execution Vulnerability Remote Code Execution via Format String Vulnerability in DHCPD Log Functions Quoted-Printable Decoder Denial of Service Vulnerability in Bogofilter Buffer Overflow Vulnerability in PuTTY SSH2_MSG_DEBUG Packet Handling Denial of Service Vulnerability in Midnight Commander (mc) 4.5.55 and Earlier Arbitrary Code Execution via Recursive Folder Compression in Info-Zip 2.3 and Earlier Stack-based Buffer Overflow in Cyrus IMAP Server 2.2.4 through 2.2.8 with imapmagicplus Option Arbitrary Code 
Execution Vulnerability in Cyrus IMAP Server 2.2.6 and Earlier Remote Code Execution Vulnerability in Cyrus IMAP Server 2.2.x through 2.2.8 Denial of Service Vulnerability in statd of nfs-utils 1.257 and Earlier Buffer Overflow Vulnerability in Cyrus IMAP Server 2.2.9 and Earlier with imapmagicplus Option Enabled Denial of Service Vulnerability in Linux Kernel's scm_send Function Unknown Impact and Attack Vectors in Linux Kernel 2.4.x io_edgeport Driver Overflows Integer handling vulnerabilities in PHP before 4.3.10 allow for bypassing safe mode restrictions and executing arbitrary code PHP Deserialization Vulnerability Directory Traversal Vulnerability in PHP 4.3.9's addslashes Function Allows Remote File Reading iCal Alarm Execution and Email Sending Vulnerability Symmetric Encryption Vulnerability in Kerio Winroute Firewall, ServerFirewall, and MailServer Local Privilege Escalation Vulnerability in Kerio Winroute Firewall, ServerFirewall, and MailServer on Windows Systems Heap-based Buffer Overflow Vulnerabilities in Imlib 1.9.14 and Earlier Integer Overflow Vulnerabilities in Imlib Image Handler Directory Traversal Vulnerability in unarj's -x Command Line Option Untrusted Execution Path Vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 Java Plugin Remote Code Execution Vulnerability Information Disclosure Vulnerability in Fcron 2.0.1, 2.9.4, and Earlier Versions Arbitrary Configuration File Loading Vulnerability in Fcron Arbitrary File Deletion and Creation Vulnerability in Fcron File Descriptor Leakage Vulnerability in Fcron 2.0.1 and 2.9.4 Buffer Overflow in Kaffeine and gxine Allows Remote Code Execution Multiple Integer Signedness Errors in up-imapproxy IMAP Proxy 1.2.2 Arbitrary Code Execution via XSS Vulnerability in SquirrelMail Mime.php Remote Code Execution Vulnerability in TWiki 20030201 Search Function FireWire/IEEE 1394 Design Flaw: Unauthorized Memory Access via Modified Client Denial of Service Vulnerability in SCO UnixWare's NFS Mountd 
Service HTML Help ActiveX Control Cross Domain Vulnerability Integer Overflow in LoadImage API of USER32 Lib: Cursor and Icon Format Handling Vulnerability Heap-based Buffer Overflow in Internet Explorer 6: IFRAME Vulnerability Command Execution Vulnerability in sudo (CVE-2010-0426) Buffer Overflow in BNC 2.8.9: Remote Code Execution via IRC Server Response Arbitrary Code Execution via Integer Overflow in FreeBSD Fetch Privilege Escalation via Untrusted Execution Path in invscout on IBM AIX Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin 2.6.0-pl2 and Earlier DMA Lock Bypass Vulnerability in Linux Kernel 2.6 Memory Corruption Vulnerability in Linux Kernel 2.4.19 and Earlier Race Condition Vulnerability in Linux Kernel 2.6 Allows Unauthorized Access to Spawning Process Environment Variables Multiple Cross-Site Scripting (XSS) Vulnerabilities in mnoGoSearch 3.2.26 and Earlier Path MTU Discovery Attack Bugzilla XSS Vulnerability in Versions Prior to 2.18 Cross-Site Scripting (XSS) Vulnerabilities in ViewCVS 0.9.2 Local Privilege Escalation in PHP Safe Mode Bypassing Safe Mode in PHP 4.x and 5.x through Truncated File Paths Buffer Overflow in exif_read_data Function in PHP Vulnerability in cmdline pseudofiles in procfs and linprocfs on FreeBSD Buffer Overflow Vulnerability in Cyrus IMAP Server 2.2.9 and Earlier Race condition vulnerability in unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges through missing serialization. 
Race condition vulnerability in SELinux 2.6.x through 2.6.9 allows local users to cause kernel crash via SOCK_SEQPACKET unix domain sockets Vulnerability: Insecure Return Value Checking in load_elf_binary Function Arbitrary Code Execution via Failed mmap Function Call in Linux Kernel Buffer Overflow Vulnerability in binfmt_elf Loader Local Privilege Escalation via Readable ELF Binaries in Linux Kernel Denial of Service Vulnerability in Linux Kernel's binfmt Functionality Cross-site scripting (XSS) vulnerability in Zwiki standard_error_message.dtml allows remote code injection via a malformed URL Buffer Overflow Vulnerabilities in Atari800's RtConfigLoad Function Arbitrary Shortcut Creation Vulnerability in Citrix Program Neighborhood Agent and MetaFrame Presentation Server Client Stack-based Buffer Overflow in Citrix Program Neighborhood Agent and MetaFrame Presentation Server Client Buffer Overflow Vulnerability in ncplogin and ncpmap in ncpfs 2.2.4 Association Context Vulnerability in WINS Service Insecure Access to Secure Text Input Field in Apple Mac OS X 10.2.8 and 10.3.6 Nonce Verification Vulnerability in mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server Case Insensitive File Access Vulnerability in Apache for Apple Mac OS X 10.2.8 and 10.3.6 Remote File Disclosure Vulnerability in Apache for Apple Mac OS X 10.2.8 and 10.3.6 Force-Quit Key Combination Vulnerability in HIToolBox for Apple Mac OS X 10.3.6 Buffer Overflow Vulnerability in PSNormalizer for Apple Mac OS X 10.3.6 False Indication of Secure Keyboard Entry Enabled in Mac OS X 10.3.6 Terminal Replay Attack Vulnerability in Postfix Server for Apple Mac OS X 10.3.6 Local Privilege Escalation Vulnerability in Apple Mac OS X 10.3.6 Server with Kerberos Authentication and Cyrus IMAP Denial of Service Vulnerability in Midnight Commander (mc) 4.5.55 and Earlier Denial of Service Vulnerability in Midnight Commander (mc) 4.5.55 and Earlier Denial of Service Vulnerability in Midnight Commander 
(mc) 4.5.55 and Earlier Denial of Service Vulnerability in Midnight Commander (mc) 4.5.55 and Earlier Buffer Overflow in InnerMedia DynaZip DUNZIP32.dll File Version 5.00.03 and Earlier Multiple Integer Overflows in Image File Readers of zgv 5.8 Leading to Buffer Overflows Bypassing Antivirus Protection via Archive::Zip Perl Module Cherokee 0.4.17 Format String Vulnerability in cherokee_logger_ncsa_write_string Function Bypassing Virus Scanning in MIMEDefang via Empty Boundary String in Content-Type Header Authentication Bypass Vulnerability in Cisco Secure Access Control Server Arbitrary Web Script Execution via Cross-Site Scripting (XSS) in MailPost 5.1.1sv Remote Code Execution and Path Disclosure Vulnerability in MailPost 5.1.1sv Information Disclosure Vulnerability in MailPost 5.1.1sv Information Disclosure Vulnerability in MailPost 5.1.1sv URL Spoofing Vulnerability in Microsoft Internet Explorer 6.0 SP2 Information Disclosure Vulnerability in Nortel Networks Contivity VPN Client Cross-Site Scripting (XSS) Vulnerability in Gallery 1.4.4-pl3 and Earlier Symlink Attack Vulnerability in dispatch-conf in Portage 2.0.51-r2 and Earlier Arbitrary File Overwrite Vulnerability in qpkg of Gentoolkit 0.2.0_pre10 and Earlier Denial of Service Vulnerability in Kerio Personal Firewall 4.1.1 and Earlier Local File Overwrite Vulnerability in mtink Status Monitor for Epson Printers Denial of Service Vulnerability in Cisco IOS DHCP Packet Handling Buffer Overflow Timeout Bypass Vulnerability in Cisco Security Agent (CSA) SQL Injection Vulnerability in SQLgrey Postfix Greylisting Service Buffer Overflow in Skype 1.0.x.94 through 1.0.x.98 via Callto:// URL Handling Privilege Escalation Vulnerability in SETI Project Init Scripts Privilege Escalation Vulnerability in GIMPS Init Scripts Privilege Escalation Vulnerability in ChessBrain 20407 and Earlier Buffer Overflow in WodFtpDLX.ocx ActiveX Component Allows Remote Code Execution Winamp 5.05 and 5.06 Stack-based Buffer Overflow 
Vulnerability Remote Code Execution via Buffer Overflows in ProZilla 1.3.6-r2 and Earlier URL Spoofing Vulnerability in Apple Safari 1.0 through 1.2.3 Safari Dialog Box Spoofing Vulnerability Null Byte Denial of Service Vulnerability in Darwin Streaming Server 5.0.1 Chroot Jail Escape Vulnerability in SCO UnixWare 7.1.1-7.1.4 Buffer Overflow in Gfx::doImage Function in xpdf and Related Products Buffer Overflow Vulnerability in Open Dc Hub 0.7.14: Remote Code Execution via RedirectAll Command Arbitrary Code Execution via Long Filename Attachment in CMailServer 5.2 Arbitrary SQL Command Injection in CMailServer 5.2 Arbitrary Code Execution via Cross-Site Scripting (XSS) in CMailServer 5.2 Buffer Overflow Vulnerabilities in SCO OpenServer 5.0.6 and 5.0.7 enable Command Multiple Cross-Site Scripting (XSS) Vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) Buffer Overflow in Microsoft W3Who ISAPI (w3who.dll): Remote Code Execution and Denial of Service Vulnerability Buffer Overflow Vulnerabilities in WS_FTP Server 5.03 2004.10.14 Buffer Overflow Vulnerability in CuteFTP Professional 6.0 and Other Versions IGMP Functionality Vulnerabilities in Linux Kernel 2.4.22 to 2.4.28 and 2.6.x to 2.6.9 Arbitrary Command Execution via Crafted Modeline in VIM and gVim DICOM Dissector Denial of Service Vulnerability in Ethereal 0.10.4 through 0.10.7 Denial of Service and Disk Space Exhaustion Vulnerability in Ethereal 0.9.0 through 0.10.7 Denial of Service Vulnerability in Ethereal HTTP Dissector Denial of Service Vulnerability in Ethereal 0.9.0 through 0.10.7 via Malformed SMB Packet Weak Password Generation in Mailman 2.1.5: Increased Vulnerability to Brute Force Attacks Privilege Escalation Vulnerability in Linux 2.4 32bit Emulation Code on AMD64 Systems Konqueror in KDE 3.3.1 and earlier: Multiple Vulnerabilities Allowing Java Class Access and Sandbox Bypass Multiple Cross-Site Scripting (XSS) Vulnerabilities in CVSTrac 1.1.5 and Earlier Arbitrary Command Execution in phpMyAdmin 
2.6.0-pl2 and Earlier Versions Arbitrary File Read Vulnerability in phpMyAdmin before 2.6.1 Insecure Permissions in Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4 Stack-based Buffer Overflow in Winamp in_cdda.dll Plugin Buffer Overflow Vulnerabilities in Linux 2.6.x: Local Privilege Escalation Buffer Overflow Vulnerability in Adobe Acrobat Reader 5.09 for Unix via Crafted PDF Attachment Adobe Acrobat Reader 6.0.0-6.0.2 Format String Vulnerability Samba Integer Overflow Vulnerability Window Injection Vulnerability in Internet Explorer 5.01 through 6 and Internet Explorer 7 on Windows XP SP2 Window Injection Vulnerability Window Injection Vulnerability Window Injection Vulnerability Window Injection Vulnerability in Netscape 7.x to 7.2 Arbitrary Program Execution Vulnerability in rssh 2.2.2 and Earlier Unison Command Execution Vulnerability Denial of Service Vulnerability in Cisco CNS Network Registrar Central Configuration Management (CCM) Server 6.0 through 6.1.1.3 Denial of Service Vulnerability in Cisco CNS Network Registrar 6.0 through 6.1.1.3 Arbitrary FTP Command Execution in Konqueror 3.3.1 CRLF Injection Vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and Earlier Arbitrary File Overwrite Vulnerability in mirrorselect before 0.89 MaxDB WebTools 7.5.00.18 and Earlier Stack-Based Buffer Overflow Vulnerability Denial of Service Vulnerability in MaxDB WebTools 7.5.00.18 and Earlier Arbitrary Command Execution in a2ps 4.13 via Filename Shell Metacharacters Insecure Storage of Credentials in KDE Desktop Files Stack-based Buffer Overflow in Veritas Backup Exec Agent Browser Bypassing Popup Blocker in Internet Explorer 6 via DHTML Editing Component (DEC) and Javascript Denial of Service Vulnerability in Midnight Commander (mc) 4.5.55 and Earlier Remote Code Execution in Midnight Commander via Insecure Filename Quoting Buffer Underflow Vulnerability in Midnight Commander (mc) 4.5.55 and Earlier Cross-Site Scripting (XSS) Vulnerability in Mailman 
Driver Script Symlink Attack Vulnerability in debstd Script of debmake Remote Denial of Service Vulnerability in rwho daemon (rwhod) before 0.17 on Little Endian Architectures Local File Overwrite Vulnerability in htmlheadline before 21.8 Authentication Bypass in HylaFAX hfaxd Integer Overflow in libtiff's tiffdump Utility Allows Remote Code Execution Arbitrary Command Execution Vulnerability in EPSF Pipe Support in enscript 1.6.3 Arbitrary Command Execution Vulnerability in Enscript 1.6.3 Multiple Buffer Overflows in enscript 1.6.3: Denial of Service Vulnerability Heap-based Buffer Overflow in pnm_get_chunk Function in xine 0.99.2 and Other Packages Buffer Overflow Vulnerability in pnm_get_chunk Function Heap-based Buffer Overflow in add_to_history function in libkadm5srv for MIT Kerberos 5 (krb5) Unauthorized Write Activities on CD Devices in SUSE Linux Race condition vulnerability in SuSE Linux 8.1 through 9.2 on SMP systems with over 4GB memory allows unauthorized memory access Format String Vulnerability in Citadel/UX 6.27 and Earlier Allows Remote Code Execution Bypassing Intrusion Prevention in Prevx Home 1.0 by Writing to \device\physicalmemory Buffer Overflow Vulnerability in Star Wars Battlefront 1.11 and Earlier: Remote Denial of Service via Long Nickname Remote Denial of Service Vulnerability in Star Wars Battlefront 1.11 and Earlier Insite Inmail inmail.pl XSS Vulnerability Arbitrary Web Script Injection Vulnerability in inshop.pl in Insite inShop Denial of Service Vulnerability in Microsoft Internet Explorer through Nested Array Sorting Denial of Service Vulnerability in Safari 1.2.4 on Mac OS X 10.3.6 Denial of Service Vulnerability in Firefox and Mozilla: Memory Consumption Crash Denial of Service Vulnerability in Opera 7.54 Arbitrary Web Script Injection in phpCMS 1.2.1 and Earlier Information Disclosure Vulnerability in phpCMS 1.2.1 and Earlier Buffer Overflow Vulnerability in FluxBox 0.9.10 and Earlier Versions Sensitive Information Disclosure in 
PnTresMailer 6.03 via Invalid filetohighlight Parameter Arbitrary File Read Vulnerability in pnTresMailer 6.0.3 Denial of Service Vulnerability in Serious Engine Buffer Overflow Vulnerability in Orbz 2.10 and Earlier: Remote Code Execution and Denial of Service Price Manipulation Vulnerability in Verisign Payflow Link Arbitrary Web Script Injection in IPCop Proxylog.dat Multiple Buffer Overflows in Mercury/32 4.01a IMAP Service Arbitrary File Download Vulnerability in Blog Torrent Preview 0.8 Arbitrary Web Script Injection Vulnerability in Advanced Guestbook 2.3.1 and Earlier Versions Remote Code Execution Vulnerability in Kreed 1.05 and Earlier Denial of Service Vulnerability in Kreed 1.05 and Earlier Denial of Service Vulnerability in Kreed 1.05 and Earlier: Server Freeze via Long Nickname or Model Type Arbitrary Directory Viewing Vulnerability in Hosting Controller 6.1 Hotfix 1.4 Denial of Service Vulnerability in Remote Execute 2.30 Session Directory Listing Vulnerability in paFileDB 3.1 Remote Denial of Service Vulnerability in Battlefield 1942 and Battlefield Vietnam WebLibs 1.0 Directory Traversal Vulnerability Arbitrary Command Execution in WebLibs 1.0 via TextFile Parameter Information Disclosure Vulnerability in F-Secure Policy Manager 5.11.2810 Off-by-one vulnerability in mtr_curses_keyaction function allows local users to hijack raw sockets SQL Injection Vulnerability in SugarCRM Sugar Sales before 2.0.1a Information Disclosure Vulnerability in SugarCRM Sugar Sales 2.0.1c and Earlier Directory Traversal Vulnerability in SugarCRM Sugar Sales 2.0.1c and Earlier Vulnerability: Cleartext MySQL Administrative Password Exposure in SugarCRM Sugar Sales 2.0.1c and Earlier Cross-Site Scripting Vulnerability in Gadu-Gadu Parser for http:// and news:// URLs Remote Information Disclosure Vulnerability in Gadu-Gadu via DCC and CTCP Packet Gadu-Gadu Directory Traversal Vulnerability Remote Code Execution via Stack-based Buffer Overflow in Gadu-Gadu Image Sending 
Gadu-Gadu Integer Overflow Vulnerability Denial of Service Vulnerability in Linux load_elf_binary() Function Race condition vulnerability in load_elf_library and binfmt_aout functions in Linux kernel 2.4 through 2.4.29-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code via VMA descriptor manipulation. Remote Code Execution Vulnerability in Netscape Directory Server (NDS) 3.6 Denial of Service Vulnerability in Red Hat Enterprise Linux 3 Audit Subsystem PNG Processing Vulnerability in Windows Media Player 9 Remote Code Execution Vulnerability in WinRAR 3.40 and Earlier Versions via Long Filename ZIP File Arbitrary Code Execution Vulnerability in expandtabs Function of 2fax 3.04 Buffer Overflow Vulnerabilities in abc2midi 2004.12.04: Remote Code Execution Remote Code Execution Vulnerability in abc2mtex 1.6.1 via Crafted ABC Files Buffer Overflow in put_words function in abcm2ps 3.7.20: Remote Code Execution Vulnerability Arbitrary Code Execution via Buffer Overflows in abcpp 1.3.0 Remote Code Execution Vulnerabilities in abctab2ps 1.6.3 via Crafted ABC Files Arbitrary Code Execution Vulnerability in asp2php 0.76.23 Remote Code Execution Vulnerability in libbsb Allows Arbitrary Code Execution via Crafted BSB Pictures Arbitrary Code Execution via PATH Manipulation in ChangePassword 0.8 Buffer Overflow Vulnerability in ChBg 1.5's simplify_path Function in config.c Buffer Overflow in Convex 3D 0.8pre1: Remote Code Execution via Crafted 3DS File Buffer Overflow in get_field_headers function in csv2xml.cpp for csv2xml 0.5.1 Remote Code Execution Vulnerability in CUPS 1.1.22 via Crafted HPGL File CUPS 1.1.22 Local File Corruption Vulnerability File-size resource limit in lppasswd of CUPS 1.1.22 leads to failure in subsequent invocations Local Privilege Escalation in CUPS 1.1.22 via lppasswd Input Control Remote Code Execution Vulnerability in dxfscope 0.2 via Crafted DXF File Remote Code Execution Vulnerability in Elm/Bolthole Filter 2.6.1 Buffer 
Overflow in DownloadLoop Function in greed 0.81p Allows Remote Code Execution Arbitrary Code Execution Vulnerability in greed 0.81p via GRX File Handling Buffer Overflow in remove_quote function in convert.c for html2hdml 1.0.3 Local Privilege Escalation Vulnerability in IglooFTP 0.6.1 Arbitrary File Overwrite Vulnerability in IglooFTP 0.6.1 Buffer Overflow in switch_voice function in parse.c for jcabc2ps 20040902 JPEGtoAVI 1.5 Buffer Overflow Vulnerability Arbitrary Command Execution via FTP Server in junkie 0.3.1 Arbitrary File Overwrite Vulnerability in junkie 0.3.1 FTP_retr Function Buffer Overflow in LinPopUp 1.2.0's strexpand Function Allows Remote Code Execution Buffer Overflow in Mesh Viewer 0.2.2: Remote Code Execution Vulnerability Buffer Overflow in find_next_file function in mpg123 0.59r allows remote code execution via crafted MP3 playlist Buffer Overflow in MPlayer 1.0pre5's get_header Function Allows Remote Code Execution Buffer Overflow Vulnerability in NapShare 1.2 Allows Remote Code Execution Buffer Overflow Vulnerability in NASM 0.98.38 1.2 Preproc.c Error Function Remote Code Execution Vulnerability in o3read 0.0.3 via Crafted SXW File Buffer Overflow Vulnerabilities in pcal 4.7.1 Allow Remote Code Execution via Crafted Calendar File Remote Code Execution Vulnerability in pgn2web 0.3 via Buffer Overflow in process_moves function Buffer Overflow in qwik-smtpd Allows Remote Attackers to Use Server as SMTP Spam Relay Remote Code Execution Vulnerability in ringtonetools 2.22 via Crafted eMelody File Buffer Overflow in ReadFontTbl Function in rtf2latex2e 1.0fc2: Remote Code Execution Vulnerability Arbitrary File Overwrite Vulnerability in tnftp 20030825 Insufficient Permission Check in slip_down Function Allows Denial of Service Symlink Attack Vulnerability in groff 1.18.1's eqn2graph and pic2graph Scripts Remote Code Execution Vulnerability in unrtf 0.19.3 via Crafted RTF File Buffer Overflow Vulnerability in parse function of vb2c.c in vb2c 0.02 
Remote Code Execution Vulnerability in vilistextum 2.6.6 via Buffer Overflow in get_attr Function Buffer Overflow in open_aiff_file function in xine-lib (libxine) 1-rc7 allows remote code execution via crafted AIFF file Buffer Overflow in xlreader 0.9.0: Remote Code Execution via Crafted Excel File Arbitrary Command Execution via Double Quotes in YAMT 0.5's id3tag_sort Function Remote Code Execution Vulnerability in Yanf 0.4 via Buffer Overflow in get.c ELF Header Parsing Code Stack-Based Buffer Overflow Vulnerability Windows Animated Cursor (ANI) Vulnerability Heap-based Buffer Overflow in winhlp32.exe Allows Remote Code Execution Heap-based buffer overflow in libtiff 3.6.1 via STRIPOFFSETS flag and large number of strips Heap-based Buffer Overflow in libtiff 3.5.7 and 3.7.0 Heap-based Buffer Overflow in demux_open_bmp Function in MPlayer 1.0pre5 Stack-based Buffer Overflow in MPlayer 1.0pre5 Allows Remote Code Execution via MMST Stream Packet Integer Overflow and Heap-Based Buffer Overflow in Unix MPlayer 1.0pre5 Real RTSP Streaming Media File Handling HTML Parser Bug in Microsoft Library Allows Denial of Service in GFI MailEssentials and GFI MailSecurity Privilege Escalation Vulnerability in My Firewall Plus 5.0 build 1117 Safari 1.x Window Injection Vulnerability Arbitrary PHP Code Execution in phpBB 2.x (CVE-2004-1315) Heap-based Buffer Overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp Netcat for Windows 1.1 - Stack-based Buffer Overflow Vulnerability Arbitrary HTML and Script Injection via Tab Character in Namazu.cgi Arbitrary Web Script Injection Vulnerability in DHTML Edit Control (dhtmled.ocx) Default Username and Password Vulnerability in Asante FM2008 Firmware 1.06 Cleartext Storage of Credentials in Asante FM2008 Firmware 1.06 Hard-coded Usernames and Passwords in Cisco Unity Integration with Microsoft Exchange Denial of Service Vulnerability in NetBSD Compat Subsystem Arbitrary Web Script Execution in Microsoft Windows Media Player 9.0 ActiveX 
Control File Existence Disclosure Vulnerability in Windows Media Player 9.0 ActiveX Control Buffer Overflow Vulnerability in dxterm in Ultrix 4.5 Buffer Overflow in Crystal FTP Client 2.8 Allows Remote Code Execution via Long File Extension in LIST Response Elevated Privilege Vulnerability in HP-UX newgrp Untrusted Execution Path Vulnerability in AIX Diag Commands Buffer Overflow Vulnerability in paginit in AIX 5.1 through 5.3 Bypassing File Download - Security Warning Dialog in Microsoft Internet Explorer 6.0 SP2 HP-UX FTP Daemon Stack-based Buffer Overflow Vulnerability Integer Overflow and Buffer Overflow Vulnerability in Linux Kernel's vc_resize Function Integer Overflow in Linux Kernel's ip_options_get Function Memory Leak Vulnerability in Linux Kernel's ip_options_get Function Predictable File Names Vulnerability in xdvizilla Script Privilege Escalation Vulnerability in POSIX Capability Linux Security Module (LSM) for Linux Kernel 2.6 Privilege Escalation via Triggers in Oracle 9i and 10g SQL Injection Vulnerability in Oracle 9i and 10g Triggers MDSYS.SDO_GEOM_TRIG_INS1 and MDSYS.SDO_LRS_TRIG_INS World-readable pam_radius_auth.conf file in Debian GNU/Linux 3.0 allows local users to access sensitive information Arbitrary Web Script Injection in info2www before 1.2.2.9 Authentication Bypass Vulnerability in CVS 1.12 and Earlier on Debian GNU/Linux Denial of Service Vulnerability in CVS 1.12 and Earlier on Debian GNU/Linux Root Access Vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 Denial of Service Vulnerability in Sun Solaris Volume Manager (SVM) on Solaris 9 XDM Denial of Service Vulnerability Denial of Service Vulnerability in in.named on Solaris 8 Privilege Escalation via Hard Links in gzip (Solaris 8) Arbitrary Code Execution Vulnerabilities in Sun Java System Web Proxy Server Remote Code Execution Vulnerability in Solaris rwho daemon (in.rwhod) Buffer Overflow Vulnerability in Solaris Ping Daemon Privilege 
Escalation Vulnerability in LDAP on Sun Solaris 8 and 9 with RBAC Information Disclosure Vulnerability in Solaris Management Console (SMC) TCP/IP Stack Denial of Service Vulnerability in Sun Solaris 8 and 9 Denial of Service Vulnerability in Solaris sendfilev Function Inadequate IP Address Logging in Sun Solaris 9 SSHD Configuration Vulnerability: Disabling BSM Auditing Functionality in Sun Solaris 9 Patches Buffer Overflow Vulnerabilities in uucp for Sun Solaris 2.6, 7, 8, and 9 Arbitrary File Overwrite Vulnerability in conv_fix in Sun Solaris 7 through 9 Heap-based Buffer Overflow in winhlp32.exe via Malformed .hlp File Improper Character Conversion Vulnerability in Oracle Application Server 10g Buffer Overflow in Oracle 10g extproc Allows Remote Code Execution via Environment Variables Arbitrary Library Access via Directory Traversal in Oracle extproc Unauthenticated Arbitrary Command Execution in Oracle Extproc Cleartext Storage of SYSMAN Password in Oracle 10g Database Server Oracle 10g Database Server Password Disclosure Vulnerability Arbitrary File Execution Vulnerability in ISQL*Plus in Oracle 10g Application Server Oracle 10g TNS Listener Denial of Service Vulnerability Multiple SQL Injection Vulnerabilities in PL/SQL Procedures with Definer Rights in Oracle 9i and 10g Stack-based Buffer Overflow in Oracle 9i and 10g: Remote Code Execution via Long Token in Wrapped Procedure Stack-based Buffer Overflow Vulnerabilities in IBM DB2 7.x and 8.1 SHOUTcast 1.9.4 Format String Vulnerability Multiple Buffer Overflows in NetBSD Kernel: Arbitrary Code Execution and Privilege Escalation Vulnerability Privilege Escalation Vulnerability in HP-UX System Administration Manager (SAM) FTP Directory Traversal Vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0 Arbitrary File Overwrite Vulnerability in a2ps Scripts Denial of Service Vulnerability in Expat XML Parser Heap-based Buffer Overflow in DVD Subpicture Decoder in xine-lib 1-rc5 and Earlier Dialog Box 
Spoofing Vulnerability in Firefox and Mozilla Tabnabbing Vulnerability Local Privilege Escalation via Symlink Attack in glibcbug Script Multiple SQL Injection Vulnerabilities in phpGroupWare 0.9.16.003 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpGroupWare 0.9.16.003 and Earlier Information Disclosure Vulnerability in phpGroupWare 0.9.16.003 and Earlier Arbitrary PHP Script Execution in TikiWiki before 1.8.4.1 Symlink Attack Vulnerability in check_forensic Script of apache-utils Package 1.3.31 Format String Vulnerability in BerliOS GPD Daemon (gpsd) Allows Remote Code Execution Arbitrary Command Execution Vulnerability in Veritas NetBackup Administrative Assistant Interface Multiple Buffer Overflows in QNX RTP 6.1 PPPoE Daemon Untrusted Execution Path Vulnerability in QNX RTP 6.1 PPPoE Daemon Arbitrary File Read Vulnerability in PHP 4.0 with cURL Functions Denial of Service Vulnerability in tcsetattr Function for Sun Solaris SPARC 2.6, 7, and 8 Privilege Escalation via Invalid Entry in pfexec Function Lithtech Engine Denial of Service Vulnerability Denial of Service Vulnerability in Winamp 5.07 and Other Versions UseModWiki 1.0 Cross-Site Scripting (XSS) Vulnerability Format String Vulnerability in Apple OS X's prelink.c in kextload Arbitrary File Read Vulnerability in Attachment Module for phpBB Unauthenticated Access to ASP Calendar Control Panel SQL Injection Vulnerability in Asp-rider's verify.asp Allows Remote Authentication Bypass SQL Injection Vulnerability in iWebNegar: Remote Code Execution Remote File Inclusion Vulnerability in GNUBoard 3.39 and Earlier: Arbitrary PHP Code Execution Arbitrary Code Execution Vulnerability in Attachment Mod 2.3.10 for phpBB Arbitrary Code Execution via File Upload in MediaWiki 1.3.8 and Earlier SQL Injection Vulnerability in Ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 Directory Traversal Vulnerabilities in singapore Image Gallery Web Application 0.9.10 Arbitrary File Upload Vulnerability in Image 
Gallery Web Application 0.9.10 Cross-Site Scripting Vulnerabilities in Image Gallery Web Application 0.9.10 Arbitrary Web Script Injection via URL in Gadu-Gadu Build 155 and Earlier Denial of Service Vulnerability in Gadu-Gadu Build 155 and Earlier Arbitrary Web Script Injection Vulnerability in Kayako eSupport 2.x Multiple SQL Injection Vulnerabilities in Kayako eSupport 2.x Denial of Service Vulnerability in Gadu-Gadu 6.1 Build 156 SQL Injection Vulnerability in disp_album.php and disp_img.php in 2Bgal 2.4 and 2.5.1 Denial of Service and Remote Code Execution Vulnerability in RealOne 2.0 Build 6.0.11.868 Browser Plugin Cross-Site Scripting (XSS) Vulnerability in PsychoStats 2.2.4 Beta and Earlier Unquoted E-mail Address XSS Vulnerability in WPKontakt 3.0.1 and Earlier ZeroBoard 4.1pl4 and Earlier: PHP Remote File Inclusion Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in WHM AutoPilot 2.4.6.5 and Earlier Remote File Inclusion Vulnerabilities in WHM AutoPilot 2.4.6.5 and Earlier Information Disclosure Vulnerability in WHM AutoPilot 2.4.6.5 and Earlier PHP Remote File Inclusion Vulnerabilities in Sean Proctor PHP-Calendar Arbitrary Web Script Injection Vulnerability in Moodle 1.4.2 and Earlier Arbitrary Session File Reading Vulnerability in Moodle 1.4.2 and Earlier KorWeblog 1.6.2-cvs Directory Traversal Vulnerability PHP Remote File Inclusion Vulnerability in KorWeblog 1.6.2-cvs and Earlier Username Enumeration Vulnerability in ArGoSoft FTP Server Unlimited Password Attempts Vulnerability in ArGoSoft FTP 1.4.2.4 and Earlier SQL Injection Vulnerability in IbProArcade's show_stats Module Arbitrary File Read Vulnerability in FormMail.php 5.0 Denial of Service Vulnerability in Cisco ONS 15327, ONS 15454, and ONS 15454 SDH Denial of Service Vulnerability in Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Cisco ONS Multiple Versions SNMP Denial of Service Vulnerability Denial of Service Vulnerability in Cisco ONS 15327, ONS 15454, and ONS 15454 SDH 
Blank Password Bypass Vulnerability in Cisco ONS 15327 and 15454 Arbitrary Code Execution via Buffer Overflows in Pavuk Digest Authentication Unauthorized Repository Access via mod_authz_svn in Subversion 1.0.4-r1 and Earlier Remote Code Execution Vulnerability in BlackJumboDog 3.x via Long FTP Commands Heap-based Buffer Overflows in PuTTY modpow Function Arbitrary Web Script Injection Vulnerability in Board Power 2.04PF IBM Net.Data 7 and 7.2 CGI Interpreter Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection in Horde-IMP MIME Viewer Roundup 0.6.4 Directory Traversal Vulnerability Race Condition Vulnerability in nessus-adduser Denial of Service Vulnerability in Juniper Networks NetScreen Firewall Plaintext Password Storage Vulnerability in Jetbox One 2.0.8 and Other Versions Remote Code Execution in Jetbox One 2.0.8 and Other Versions File Location Disclosure Vulnerability in Mozilla, Firefox, and Thunderbird LiveConnect Vulnerability: Remote File Reading in Mozilla 1.7 Beta URL Spoofing Vulnerability in Mozilla 1.6 and earlier Privilege Escalation Vulnerability in Tomcat Init Scripts Information Disclosure Vulnerability in GNU glibc Cisco IOS OSPF Denial of Service Vulnerability Remote Code Execution Vulnerability in Xine-lib-rc5 Arbitrary Command Execution Vulnerability in Filediff of CVStrac Denial of Service Vulnerability in Novell Bordermanager 3.8 VPN Capability Denial of Service Vulnerability in Cisco Secure Access Control Server (ACS) 3.2(2) Denial of Service Vulnerability in Cisco Secure ACS 3.2 LEAP RADIUS Proxy Unauthorized Access to AAA Clients via Blank Password in Cisco Secure Access Control Server (ACS) 3.2(3) and Earlier Unauthenticated TCP Connection Vulnerability in Cisco Secure Access Control Server (ACS) Unauthorized Access to Administrator Functions in MoinMoin 1.2.2 and Earlier Unspecified ACL-related vulnerability in MoinMoin PageEditor Denial of Service Vulnerability in Cisco IOS 12.2(15) and Earlier Buffer Overflow 
Vulnerabilities in WinZip 9.0 and Earlier: Arbitrary Code Execution Arbitrary Script Execution via set_time_limit Vulnerability in Gallery Multiple Cross-Site Scripting (XSS) Vulnerabilities in eGroupWare 1.0.00.003 and Earlier Arbitrary Command Execution Vulnerability in Usermin and Webmin Format String Vulnerability in Log Function in SUS 2.0.2 and Earlier Versions CRLF Injection Vulnerability in SnipSnap 0.5.2a and Earlier Versions CVS Format String Vulnerability Denial of Service Vulnerability in Symantec Enterprise Firewall/VPN Appliances Vulnerability: Remote Service Detection Bypass in Symantec Enterprise Firewall/VPN Appliances and Gateway Security Default SNMP Community String Vulnerability in Symantec Enterprise Firewall/VPN Appliances and Gateway Security Appliances Stack-based Buffer Overflow Vulnerabilities in xine-lib 1-rc2 through 1-rc5 Stack-based Buffer Overflow in xine-lib VideoCD Code JRun 4.0 Management Console Cross-Site Scripting (XSS) Vulnerability JRun 4.0 Session Fixation Vulnerability Bypassing Access Restrictions in HP StorageWorks Command View XP 1.8B and Earlier Heap-based Buffer Overflow in RealPlayer and RealOne Player Backspace Character Vulnerability in BNC Allows Remote Authentication Bypass Unknown Vulnerabilities in Symantec Clientless VPN Gateway 4400 Series 5.0 ActiveX and HTML File Browsers Format String Vulnerability in socat's _msg Function in error.c Remote Code Execution Vulnerability in InetUtils 1.4.2 TFTP Client Unspecified Remote Privilege Escalation Vulnerability in Serviceguard and Cluster Object Manager Remote File Overwrite Vulnerability in Wget 1.8.x and 1.9.x Terminal Escape Sequence Injection Vulnerability in Wget 1.8.x and 1.9.x Inadequate Access Restriction in Opera 7.54 and Earlier Allows Information Disclosure File Type Spoofing Vulnerability in Opera 7.54 and Earlier Arbitrary Code Execution via Opera 7.54 and Earlier's kfmclient exec Vulnerability Denial of Service Vulnerability in Master of Orion III 
1.2.5 and Earlier Remote Denial of Service Vulnerability in Master of Orion III 1.2.5 and Earlier Buffer Overflow Vulnerability in XDICT Screen Fetch Option Denial of Service Vulnerability in WinRAR 3.40 via Corrupt ZIP Archive Web Forums Server 1.6 and 2.0 Power Pack Directory Traversal Vulnerability Plaintext Password Storage Vulnerability in Web Forums Server Power Pack SQL Injection Vulnerability in HELM 3.1.19 and Earlier: Remote Code Execution via messageToUserAccNum Parameter Arbitrary Code Execution via Cross-Site Scripting (XSS) in HELM 3.1.19 and Earlier Lithtech Engine Format String Vulnerability Denial of Service Vulnerability in 602 Lan Suite 2004.0.04.0909 and Earlier Denial of Service Vulnerability in 602 Lan Suite 2004.0.04.0909 and Earlier Integer Overflow in InitialDirContext in Java Runtime Environment (JRE) 1.4.2 and 1.5.0 Information Disclosure Vulnerability in Just Another Flat file (JAF) CMS 3.0RC Directory Traversal Vulnerability in Just Another Flat file (JAF) CMS 3.0RC Multiple Cross-Site Scripting (XSS) Vulnerabilities in WebCalendar CRLF Injection Vulnerability in WebCalendar's login.php Allows HTTP Response Splitting Attacks Arbitrary Local PHP Script Execution in WebCalendar via user_inc Parameter Sensitive Information Disclosure in WebCalendar's validate.php Remote Privilege Escalation in WebCalendar via Critical Parameter Modification Unauthenticated Remote Code Execution in Hotfoon 4.0 via Unnotified Browser Links Unquoted script code in 04WebServer 1.42 allows for remote execution of arbitrary web script or HTML Log Injection Vulnerability in 04WebServer 1.42 Denial of Service Vulnerability in 04WebServer 1.42 SQL Injection Vulnerability in vBulletin 3.0.x ttlast.php and last10.php CRLF Injection Vulnerability in phpWebSite 0.9.3-4 Allows HTTP Response Splitting Attacks via block_username Parameter Bypassing Active Link Filtering in Zone Labs IMsecure and IMsecure Pro SQL Injection Vulnerability in Phorum 5.0.12 and Earlier: Remote 
Code Execution via follow.php SQL Injection Vulnerability in phpBugTracker 0.9.1: Remote Code Execution Stack-based Buffer Overflow in IPSwitch IMail 8.13 via Long IMAP DELETE Command Eudora 6.2.0.14 Email Client Vulnerability: Lack of Warning for Forwarded Messages with Encoded Attachments Format String Vulnerability in Army Men RTS 1.0: Remote Denial of Service via Nickname Format String Vulnerability in Hired Team: Trial 2.0 and Earlier and 2.200 Game Console Denial of Service Vulnerability in Hired Team: Trial 2.0 and Earlier and 2.200 Denial of Service Vulnerability in Hired Team: Trial 2.0 and Earlier and 2.200 Unrestricted Server Exploitation in Hired Team: Trial 2.0 and Earlier and 2.200 Cookie Hijacking Vulnerability in Microsoft Internet Explorer 6.0 SP1 Sensitive Information Disclosure in Event Calendar Module 2.13 for PHP-Nuke Arbitrary Web Script Execution in Event Calendar Module 2.13 for PHP-Nuke SQL Injection Vulnerability in Event Calendar Module 2.13 for PHP-Nuke SQL Injection Vulnerability in Invision Power Board (IPB) 2.0.0 - 2.0.2 via qpid Parameter in post.php Default Username and Password Vulnerability in AppServ 2.5.x and Earlier Buffer Overflow Vulnerability in DMS POP3 1.5.3.27 and Earlier Denial of Service Vulnerability in ZoneAlarm and ZoneAlarm Pro Remote File Inclusion Vulnerability in admin_cash.php for Cash Mod Module in phpBB SQL Injection Vulnerability in ibProArcade Module for Invision Power Board (IPB) 1.x and 2.x Arbitrary Web Script Execution via img Parameter in PHPKIT 1.6.03 through 1.6.1 Arbitrary SQL Command Execution Vulnerability in PHPKIT 1.6.03 through 1.6.1 Remote Denial of Service Vulnerability in Halo: Combat Evolved 1.05 and Earlier Unauthenticated Access to Router Configuration File Reset in ZyXEL Prestige Routers Arbitrary Command Execution via Telnet URL in SecureCRT Buffer Overflow Vulnerability in Soldier of Fortune II 1.03 Gold and Earlier Directory Traversal Vulnerability in KorWeblog 1.6.2-cvs and Earlier 
Arbitrary Web Script Execution via Cross-Site Scripting (XSS) Vulnerability in JSPWiki 2.1.120-cvs and Earlier Arbitrary Code Execution via File Upload in MoniWiki 1.0.9.2 and Earlier Buffer Overflow Vulnerabilities in MDaemon 6.5.1: Remote Denial of Service Attacks Buffer Overflow Vulnerability in ActivePost Standard 3.1 and Earlier Arbitrary File Upload Vulnerability in ActivePost Standard 3.1 Cleartext Transmission of Passwords in ActivePost Standard 3.1 Conference Menu Authentication Bypass Vulnerability in Motorola WR850G Wireless Router Firmware 4.03 Cross-Site Scripting (XSS) Vulnerability in paFileDB 3.1 Final's Email and File Modules SQL Injection Vulnerability in aspWebCalendar Allows Remote Code Execution SQL Injection Vulnerability in aspWebAlbum: Remote Code Execution via Login and Album Parameters Remote File Inclusion Vulnerability in @lex Guestbook's livre_include.php Allows Arbitrary PHP Code Execution Multiple SQL Injection Vulnerabilities in BroadBoard Instant ASP Message Board Denial of Service Vulnerability in MyWebServer 1.0.3 Authentication Bypass and Arbitrary File Access in MyWebServer 1.0.3 Stack-based Buffer Overflow Vulnerabilities in YPOPs! 
(YahooPOPS) 0.4 through 0.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in WordPress 1.2 Denial of Service Vulnerability in Microsoft SQL Server 7.0 Icecast 2.0.1 Buffer Overflow Vulnerability SQL Injection Vulnerability in w-Agora 4.1.6a via redir_url.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in w-Agora 4.1.6a CRLF Injection Vulnerability in w-Agora 4.1.6a's subscribe_thread.php Path Disclosure Vulnerability in w-Agora 4.1.6a Silent Storm Portal 2.1 and 2.2 index.php XSS Vulnerability Privilege Escalation via mail parameter in Silent Storm Portal 2.1 and 2.2 ParaChat Server 5.5 Directory Traversal Vulnerability Buffer Overflow in dBpowerAMP Audio Player and Music Converter Arbitrary SQL Command Execution in bBlog 0.7.2 and 0.7.3 AJ-Fork 167 Path Disclosure Vulnerability Directory Listing Vulnerability in AJ-Fork 167 Insecure Permissions in AJ-Fork 167 Allow Arbitrary Code Execution and Privilege Escalation Buffer Overflow Vulnerability in Vypress Messenger 3.5.1 and Earlier XML Parser Denial of Service Vulnerability Judge Dredd: Dredd vs. 
Death Format String Vulnerability Sensitive Information Disclosure in PHP Links via Invalid Show Parameter Invision Power Board 2.0.0 - Cross-Site Scripting (XSS) Vulnerability in index.php Sensitive Information Disclosure in CubeCart 2.0.1 via Invalid cat_id Parameter SQL Injection Vulnerability in CubeCart 2.0.1: Remote Code Execution via cat_id Parameter Information Disclosure Vulnerability in BlackBoard 1.5.1 BlackBoard 1.5.1 Remote File Inclusion Vulnerability TriDComm FTP Server Directory Traversal Vulnerability CRLF Injection Vulnerability in WordPress wp-login.php Allows HTTP Response Splitting Attacks Denial of Service Vulnerability in Flash Messaging 5.2.0g (rev 1.1.2) and Earlier Flash Messaging Server 5.2.0g (rev 1.1.2) Vulnerability: Ignoring Disconnecting Commands Buffer Overflow Vulnerability in Monolith Games: Remote Denial of Service via Long Secure Gamespy Query SQL Injection Vulnerability in GoSmart Message Board Cross-Site Scripting (XSS) Vulnerability in GoSmart Message Board Clientexec Remote Information Disclosure Vulnerability Default Password Reset Vulnerability in Micronet Wireless Broadband Router SP916BM Remote File Inclusion Vulnerability in ocPortal 1.0.3 and Earlier: Arbitrary PHP Code Execution SCT Campus Pipeline Cross-Site Scripting (XSS) Vulnerability in render.UserLayoutRootNode.uP FuseTalk 4.0 Cross-Site Scripting (XSS) Vulnerability Buffer Overflow in ShixxNote 6.net Build 117: Remote Code Execution via Long Font Field 3COM Wireless Router 3CRADSL72 Boot Code 1.3d Information Disclosure Vulnerability Denial of Service and Data Corruption Vulnerability in RIM Blackberry 7230 Arbitrary File Reading Vulnerability in Adobe Acrobat and Acrobat Reader 6.0 Arbitrary Code Execution via Cross-Site Scripting (XSS) in CoolPHP 1.0-stable Sensitive Information Disclosure in CoolPHP 1.0-stable via Invalid op Parameter CoolPHP 1.0-stable Directory Traversal Vulnerability Timing-based User Enumeration in ProFTPD 1.2.x Local File Disclosure and 
Privilege Escalation in cPanel 9.4.1-RELEASE-64 Arbitrary File Chmod Vulnerability in cPanel 9.9.1-RELEASE-3 Authentication Bypass Vulnerability in SalesLogix 6.1 Denial of Service and Information Leakage Vulnerability in SalesLogix 6.1 Information Disclosure Vulnerability in slxweb.dll SQL Injection Vulnerability in SalesLogix 6.1: Remote Code Execution via id Parameter Insecure Transmission of Sensitive Information in SalesLogix 6.1 Arbitrary File Creation and Code Execution Vulnerability in SalesLogix 6.1 Authentication Bypass and Command Execution Vulnerability in SalesLogix 6.1 SalesLogix 6.1 Directory Traversal Vulnerability Denial of Service Vulnerability in Mozilla via Null Dereference or Infinite Loop Remote Denial of Service Vulnerability in Mozilla Opera Denial of Service Vulnerability via Large COL SPAN Value in TBODY Tag Denial of Service Vulnerability in Links via Large Rowspan Value Denial of Service Vulnerability in Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 Denial of Service Vulnerability in Vypress Tonecast 1.3 and Earlier Buffer Overflow Vulnerability in Privateer's Bounty: Age of Sail II CRLF Injection Vulnerability in Serendipity before 0.7rc1 Cross-Site Scripting (XSS) Vulnerability in IBM Lotus Notes and Domino SQL Injection Vulnerability in UBB.threads 3.4.x via Name Parameter in dosearch.php Denial of Service Vulnerability in Windows XP SP1 WAV File Property Handler Privilege Escalation in Carbon Copy 6.0.5257 through Help Topic Interface Denial of Service Vulnerability in pGina 1.7.6 and Older Versions Remote Code Execution Vulnerability in Ability Server 2.34 via Long STOR Command Remote Code Execution Vulnerability in Ability Server 2.25, 2.32, 2.34, and possibly other versions Remote Code Execution via Format String Vulnerability in rssh log.c SQL Injection Vulnerabilities in Dwc_articles 1.6 and Earlier: Remote Code Execution OpenWFE 1.4.x Login Form XSS Vulnerability Remote Port Scanning Vulnerability in OpenWFE 1.4.x Arbitrary 
Web Script Injection Vulnerability in MoniWiki 1.0.8 and Earlier Unrestricted Modification of Keywords in Bugzilla via process_bug.cgi Information Disclosure Vulnerability in Bugzilla 2.17.1 through 2.18rc2 and 2.19 Insufficient Protection of Private Attachments in Bugzilla Heap-based Buffer Overflow in WvTftp Server's new_connection Function Remote Access Vulnerability in Hawking Technologies HAR11A Modem/Router Remote Code Execution Vulnerability in MailCarrier 2.51 via Long EHLO and HELO Commands Denial of Service Vulnerability in Mozilla Firefox, Mozilla 5.0, and Gecko 20040913 Cross-Site Scripting (XSS) Vulnerabilities in XOOPS 0.94 and 1.0 Heap-based Buffer Overflow in Titan FTP 3.21 and Earlier: Remote Denial of Service via Long FTP Command Denial of Service Vulnerability in WFTPD Pro Server 3.21 WS_FTP 5.0.2 Denial of Service Vulnerability via Invalid CD Command Denial of Service Vulnerability in Xedus 1.0 Xedus 1.0 Cross-Site Scripting (XSS) Vulnerability Xedus 1.0 Directory Traversal Vulnerability SQL Injection Vulnerability in Password Protect: Bypassing Authentication and Executing Arbitrary SQL Statements Arbitrary Web Script Injection Vulnerability in Password Protect Buffer Overflow Vulnerability in Microsoft Msinfo32.exe D-Link DCS-900 Internet Camera Remote IP Address Change Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in phpScheduleIt 1.0.0 RC1 Registration Page Privilege Escalation Vulnerability in phpScheduleIt 1.0.0 RC1 OpenSSH Default Configuration Vulnerability: Potential Port Bounce Exploit SQL Injection Vulnerability in phpWebsite Calendar Module Arbitrary Web Script Injection in phpWebsite 0.9.3-4 and Earlier CRLF Injection Vulnerability in Comersus Shopping Cart 5.0991 XSS Vulnerability in Newtelligence DasBlog Activity and Events Viewer Kerio Personal Firewall 4.0 (KPF4) Local Privilege Escalation Vulnerability Arbitrary Code Injection through XSS Vulnerability in CuteNews 1.3.6 and Earlier CuteNews 1.3.6 Remote File 
Inclusion Vulnerability Authentication Bypass Vulnerability in MailWorks Professional Information Disclosure Vulnerability in YaBB SE 1.5.1 via Admin.php Denial of Service Vulnerability in Engenio/LSI Logic Storage Controllers Denial of Service Vulnerability in Call of Duty 1.4 and Earlier PsNews 1.1 index.php Cross-Site Scripting (XSS) Vulnerability Remote Code Execution Vulnerability in Trillian 0.74i MSN Module Halo Combat Evolved Denial of Service Vulnerability SQL Injection Vulnerabilities in Subjects 2.0 Postnuke Module Cross-Site Scripting (XSS) Vulnerability in MERAK Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 Directory Traversal Vulnerabilities in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 Information Disclosure Vulnerability in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 Information Disclosure: Remote Viewing of Other Users' Attachments in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and Possibly Other Versions Arbitrary Content Creation Vulnerability in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 Arbitrary File Deletion and File Movement Vulnerability in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 Denial of Service Vulnerability in Serv-U FTP Server 4.x and 5.x Remote Code Execution Vulnerability in Gadu-Gadu 6.0 Build 149 via Crafted GG_MSG_IMAGE_REPLY Message Sensitive Information Disclosure in pdesk.cgi PerlDesk pdesk.cgi Directory Traversal Vulnerability Arbitrary File Creation Vulnerability in TwinFTP 1.0.3 R2 Denial of Service Vulnerability in Pingtel Xpressa Handset Firmware 2.1.11.24 Buffer Overflow Vulnerabilities in QNX Photon microGUI QNX 6.1 FTP Client Format String Vulnerability Privilege Escalation via Race Condition in crrtrap for QNX RTP 6.1 ARP Request Memory Leakage Vulnerability Authentication Bypass Vulnerability in SMC Routers SMC7004VWBR and SMC7008ABR EU Bypassing Information Bar Prompt in Internet Explorer 6.0 CRLF Injection Vulnerability in Snitz Forums 2000 3.4.04's down.asp Denial of 
Service Vulnerability in Pigeon Server 3.02.0143 and Earlier Symlink Attack Vulnerability in sudoedit (sudo -e) in sudo 1.6.8 Arbitrary Code Execution via Cross-Site Scripting (XSS) in DNS4Me Web Server Denial of Service Vulnerability in DNS4Me 3.0.0.4 Web Server Arbitrary Web Script Injection Vulnerability in Mambo 4.5 (1.0.9) index.php Mambo 4.5 (1.0.9) Function.php Remote File Inclusion Vulnerability Default Usernames and Passwords in Symantec ON Command CCM and iCommand: Remote Unauthorized Access Vulnerability Authentication Bypass in EmuLive Server4 Commerce Edition Build 7560 Denial of Service Vulnerability in EmuLive Server4 Commerce Edition Build 7560 Username Enumeration Vulnerability in CA Unicenter Management Portal 2.0 and 3.1 Denial of Service Vulnerability in PopMessenger 1.60 and Earlier Versions Denial of Service Vulnerability in Pinnacle ShowCenter 1.51 via Invalid Skin Parameter Arbitrary HTML Injection Vulnerability in Pinnacle ShowCenter 1.51 build 121 Heap-based Buffer Overflow in Cfengine's AuthenticationDialogue Function Null Dereference Denial of Service Vulnerability in Cfengine 2.0.0 to 2.1.7p1 Remote Code Execution Vulnerability in Fusion News 3.6.1 Privilege Escalation Vulnerability in WpQuiz 2.60b1 through 2.60b8 Buffer Overflow Vulnerability in Citadel/UX 6.23 and Earlier: Denial of Service via Long Username Denial of Service and Remote Code Execution Vulnerability in U.S. 
Robotics USR808054 Wireless Access Point Privilege Escalation via Modified Library Files in Oracle Unix Systems Denial of Service Vulnerability in Webbsyte Chat 0.9.0 Unencrypted Communication Vulnerability in Datakey Rainbow iKey2032 USB Token Arbitrary Command Execution Vulnerability in page.cgi Arbitrary Web Script Injection Vulnerability in Moodle's post.php TypePad XSS Vulnerability: Remote Code Injection via Name Parameter Local File Corruption Vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier Insecure Permissions in BlackICE PC Protection and Server Protection Installs MIMEsweeper for Web Directory Traversal Vulnerability Arbitrary Script Injection in PForum User Profile Fields Multiple Buffer Overflows in gv's psscan Function Denial of Service Vulnerability in ZwOpenSection Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in Merak Webmail Server 5.2.7 Information Disclosure Vulnerability in Merak Mail Server 5.2.7 Arbitrary PHP File Read Vulnerability in Merak Mail Server 5.2.7 SQL Injection Vulnerability in Merak Mail Server 5.2.7: Remote Code Execution via calendar.html Information Disclosure Vulnerability in PHP-Fusion 4.00 Insecure Permissions on Database Backups in PHP-Fusion 4.0 XV xvbmp.c Stack-based Buffer Overflow Vulnerability Heap-based Buffer Overflow in XV Image Processing Library Denial of Service Vulnerability in BadBlue 2.5 Buffer Overflow Vulnerability in British National Corpus SARA (sarad): Remote Code Execution Arbitrary Script Injection via User-Agent Header in Nihuo Web Log Analyzer 1.6 Cross-Site Scripting (XSS) Vulnerability in Mantis Bugtracker Email Bombing Vulnerability in Mantis Bugtracker's Signup Page SQL Injection Vulnerability in MyDMS Allows Remote Code Execution via folderid Parameter MyDMS 1.4.2 Directory Traversal Vulnerability Remote File Inclusion Vulnerability in Mantis 0.19.0a Sympa 4.1.x XSS Vulnerability in Create List Description Field Information Disclosure Vulnerability in 
Cacti 0.8.5a Cacti 0.8.5a Auth_Login.php SQL Injection Vulnerability Arbitrary Web Script Injection Vulnerability in JShop's page.php Denial of Service Vulnerability in Bird Chat 1.61 Arbitrary File Read Vulnerability in Music Daemon (musicd) 0.0.3 and Earlier Denial of Service Vulnerability in Music Daemon (musicd) 0.0.3 and Earlier WebAPP 0.9.9 Directory Traversal Vulnerability Arbitrary File Viewing Vulnerability in Easy File Sharing (EFS) Webserver 1.25 Denial of Service Vulnerability in Easy File Sharing (EFS) Webserver 1.25 Buffer Overflow Vulnerability in Painkiller 1.3.1 and Earlier: Remote Code Execution and Denial of Service Arbitrary Web Script Injection Vulnerability in PHP Code Snippet Library NetworkEverywhere NR041 Firmware 1.2 Release 03 Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in NtRegmon 6.12 Denial of Service Vulnerability in Attack Mitigator IPS 5500 3.11.008 Denial of Service Vulnerability in RealVNC 4.0 and Earlier Denial of Service Vulnerability in Ground Control II: Operation Exodus 1.0.0.7 and Earlier Remote Code Execution Vulnerability in Gaucho 1.4 Build 145 via Long Content-Type Header Cross-Tab Scripting Vulnerability in Apple Java Plugin DNS Cache Poisoning Vulnerability in Symantec Gateway Security Products Identity Misuse Vulnerability in BEA WebLogic Server and Express 7.0 SP4 and Earlier SSL Certificate Chain Spoofing Vulnerability in BEA WebLogic Server Cleartext Storage of Administrator Password in BEA WebLogic Server and Express 8.1, SP1 and Earlier Plaintext Storage of Database Credentials in BEA WebLogic Server and WebLogic Express Denial of Service Vulnerability in Cisco Voice Products with IBM Director Agent Unauthenticated Remote Access Vulnerability in Cisco Voice Products Denial of Service Vulnerability in Ethereal 0.8.13 to 0.10.2 via Malformed Color Filter File F-Secure Anti-Virus (FSAV) 4.52 for Linux Vulnerability Allowing Sober.D Worm Bypass Buffer Overflow Vulnerability in HAHTsite 
Scenario Server 5.1 Patch 06 (build 91) Buffer Overflow Vulnerability in CDE libDtSvc on HP-UX Remote Code Execution Vulnerability in ModSecurity 1.7.4 for Apache 2.x Unencrypted Communication Vulnerability in NetScreen-Security Manager Privilege Escalation via Arbitrary Loadable Kernel Modules in Solaris 2.6-9 Denial of Service Vulnerability in Symantec Brightmail AntiSpam 6.0.1 Arbitrary Code Execution via Allow cPanel Users to Reset Password via Email Feature in cPanel 9.1.0 Build 34 and Earlier Remote Code Execution Vulnerability in cPanel 9.1.0 Login Page SOGo 1.0 Privilege Escalation Vulnerability Arbitrary Code Execution Vulnerability in GNU sharutils 4.2.1 Buffer Overflow Vulnerabilities in sharutils 4.2.1 and Earlier: Arbitrary Code Execution Buffer Overflow in SDO_CODE_SIZE Procedure of MD2 Package in Oracle 10g Remote Configuration Modification Vulnerability in Cisco VACM for Catalyst Operating Software and IOS Remote Configuration Data Modification Vulnerability in Cisco IOS 12.1(3) and 12.1(3)T Skype for Windows Range Check Error Vulnerability World-writable permissions in Skype language directory allows for unauthorized modification and potential social engineering attacks Arbitrary Web Script Injection Vulnerability in ThWboard before Beta 2.84 Authentication Bypass Vulnerability in Info Touch Surfnet Kiosk Local Privilege Escalation and System Crash Vulnerability in Info Touch Surfnet Kiosk Remote Code Execution in Athena Web Registration via pass parameter Net2Soft Flash FTP Server 1.0 Directory Traversal Vulnerability Remote Code Execution Vulnerability in Webcam Watchdog 3.63 Web Server SQL Injection Vulnerability in Invision Power Board 1.3 calendar.php Insufficient Access Control in PortalApp Allows Remote Access to Sensitive Information PostCalendar 4.0.0 SQL Injection Vulnerability Insufficient Access Control in ASP-Nuke 1.3 and Earlier Allows Unauthorized Access to User Credentials ZyWALL 10 4.07 Web Management Interface Cross-Site Scripting 
(XSS) Vulnerability Edimax AR-6004 ADSL Routers Cross-Site Scripting (XSS) Vulnerability Default Administrator Credentials in Edimax AR-6004 ADSL Routers Denial of Service Vulnerability in YaSoft Switch Off 2.3 and Earlier Remote Code Execution Vulnerability in YaSoft Switch Off 2.3 and Earlier VCard4J Toolkit NICKNAME Tag Cross-Site Scripting (XSS) Vulnerability Local File Inclusion Vulnerability in Info Touch Surfnet Kiosk Remote File Inclusion Vulnerability in HotNews 0.7.2 and Earlier Arbitrary Script Injection Vulnerability in FreznoShop 1.3.0 RC1 and Earlier Arbitrary Script Execution in RealOne Player 6.0.11.868 via SMIL Presentation Bypassing Packet Filters in OpenBSD with Stateful Filtering Enabled Remote Code Execution Vulnerability in Sysbotz SimpleData 4.0.1 and Earlier Versions Arbitrary File Read Vulnerability in PWebServer 0.3.3 IP Address Hiding Vulnerability in Chat Anywhere 2.72 and Earlier Denial of Service Vulnerability in wMCam Server 2.1.348 Format String Vulnerability in Epic Games Unreal Engine 436 Games SQL Injection Vulnerability in CFWebstore 5.0: Remote Code Execution via index.cfm CFWebstore 5.0 Index.cfm Cross-Site Scripting (XSS) Vulnerability Symlink Attack Vulnerability in Extcompose of Metamail Arbitrary Web Script Injection Vulnerability in phpBB 2.0.6d and Earlier Denial of Service Vulnerability in Opera 7.23's JavaScript Engine Trusted Certificate Compromise in HP Web-enabled Management Software Remote Code Execution Vulnerabilities in Unicenter TNG 2.4 VocalTec VGW4/8 Gateway 8.0 Authentication Bypass Vulnerability VocalTec VGW4/8 Gateway 8.0 Directory Traversal Vulnerability Denial of Service Vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0 Denial of Service Vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier Php-Nuke 7.1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities Arbitrary Script Execution via Cross-Site Scripting (XSS) in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 Information 
Disclosure Vulnerability in 4nAlbum 0.92 for PHP-Nuke 6.5 through 7.0 Remote File Inclusion Vulnerability in displaycategory.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 SQL Injection Vulnerability in 4nAlbum 0.92 for PHP-Nuke 6.5 through 7.0: Unauthorized Database Operations via gid Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Phorum 3.1 through 5.0.3 Beta Cross-Site Scripting (XSS) Vulnerabilities in Jelsoft vBulletin 2.0 Beta 3 through 3.0 Arbitrary Script Injection Vulnerability in Jelsoft vBulletin Arbitrary Web Script Injection Vulnerability in Mambo Open Source 4.5 SQL Injection Vulnerability in Mambo Open Source 4.5 Stable 1.0.3 and Earlier: Remote Code Execution via id Parameter Arbitrary Web Script Injection via background:url Property in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final Unauthenticated Remote Uninstallation and Database Deletion in Vcard 2.9 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Gijza.net Error Manager 2.1 for PHP-Nuke 6.0 Path Disclosure Vulnerability in Error Manager 2.1 for PHP-Nuke 6.0 Chrome 1.2.0.0 Buffer Overflow Vulnerability Buffer Overflow Vulnerability in Mac OS X Server 10.3 GUI Admin Service World Writable Permissions in Borland Interbase 7.1 for Linux Allow Local Users to Gain Database Administrative Privileges Apache mod_disk_cache Information Disclosure Vulnerability Multiple SQL Injection Vulnerabilities in Invision Gallery 1.0.1 SQL Injection Vulnerability in Invision Power Top Site List 1.1 RC 2 and Earlier Mod_survey 3.0.x and 3.2.x XSS Vulnerability Directory Traversal Vulnerability in xweb 1.0 Allows Remote File Download Sensitive Information Disclosure in MS Analysis Module 2.0 for PHP-Nuke Multiple Cross-Site Scripting (XSS) Vulnerabilities in MS Analysis Module 2.0 for PHP-Nuke SQL Injection Vulnerability in MS Analysis Module 2.0 for PHP-Nuke CSRF Vulnerability in Php-Nuke 6.x through 7.1.0 Allows Remote Administrative Privilege Escalation SQL Injection Vulnerability in Member 
Management System 2.1: Remote Code Execution via ID Parameter Arbitrary Web Script Injection in Member Management System 2.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in News Manager Lite 2.5 Multiple SQL Injection Vulnerabilities in News Manager Lite 2.5 Authentication Bypass Vulnerability in News Manager Lite 2.5 Denial of Service and File Size Bypass Vulnerability in Ipswitch WS_FTP Server 4.0.2 Cross-Site Scripting (XSS) Vulnerabilities in cPanel 9.1.0 Denial of Service Vulnerability in Rage 1.01 and Earlier Insufficiently Random Encryption Key Generation in Dameware Mini Remote Control 4.1.0.0 Plaintext Transmission of Blowfish Encryption Key in DameWare Mini Remote Control Remote Denial of Service Vulnerability in Terminator 3: War of the Machines 1.0 Remote Code Execution Vulnerability in Picophone 1.63 and Earlier Unsecured RSA Public Key in Dark Age of Camelot Pre-1.68 Patch Arbitrary File Upload Vulnerability in HP Web JetAdmin 7.5.2546 Directory Traversal Vulnerability in HP Web Jetadmin 7.5.2546 Denial of Service Vulnerability in HP Web Jetadmin 7.5.2546 Arbitrary File Read Vulnerability in Trend Micro Interscan Web Viruswall Buffer Overflow Vulnerability in Check Point SmartDashboard: Remote Code Execution and Denial of Service Weak Encryption Algorithm in Invision NetSupport School Pro Allows Password Retrieval Multiple Cross-Site Scripting (XSS) Vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta Multiple Cross-Site Scripting (XSS) Vulnerabilities in XMB 1.9 Beta Extreme Messageboard (XMB) 1.9 beta SQL Injection Vulnerability Cross-site scripting (XSS) vulnerability in bBlog 0.7.2 administration panel allows remote authenticated superusers to inject arbitrary web script or HTML via blog name parameter. 
Denial of Service Vulnerability in Nstx 1.1 beta3 and Earlier Cross-Site Scripting (XSS) Vulnerability in Fresh Guest Book's guest.cgi Remote Code Execution Vulnerability in eSignal WinSig.exe Denial of Service Vulnerability in Etherlords I and II Multiple SQL Injection Vulnerabilities in PhotoPost PHP Pro 4.6.x and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in PhotoPost PHP Pro 4.6.x and Earlier WebCT Campus Edition 4.1.1.5 XSS Vulnerability in @import URL Function SQL Injection Vulnerability in category.asp in A-CART Pro and A-CART 2.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in A-CART Pro and A-CART 2.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in cPanel 9.1.0-R85 Arbitrary Command Execution Vulnerability in Clam AntiVirus Daemon (clamd) Remote Code Execution Vulnerability in Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) Authentication Bypass and Information Disclosure in LINBOX LIN:BOX PHPKIT 1.6.03 Cross-Site Scripting (XSS) Vulnerability in Forum Messages OpenLDAP Back-BDB Backend Memory Leak Vulnerability SQL Injection Vulnerability in CactuShop 5.x: Remote Code Execution via strItems Parameter Arbitrary Code Injection through XSS in CactuShop 5.x popuplargeimage.asp Multiple Buffer Overflow Vulnerabilities in Ipswitch WS_FTP Server 4.0.2 Backdoor Vulnerability in Ipswitch WS_FTP Server 4.0.2 Arbitrary Program Execution Vulnerability in Ipswitch WS_FTP Server 4.0.2 Directory Traversal and File Download Vulnerability in Ada Image Server (ImgSvr) 0.4 Arbitrary Command Execution in Aborior Encore WebForum via display.cgi Denial of Service Vulnerability in SGI IRIX FTPD SGI IRIX FTPD Denial of Service Vulnerability FTP_syslog function in SGI IRIX 6.5.20: Potential Logging Issue with Anonymous FTP Stack-based Buffer Overflow in DecodeBase16 Function in eMule 0.42d IRC Module and Web Server Unauthenticated Remote Code Execution and Information Disclosure in Dreamweaver MX Arbitrary 
File Overwrite Vulnerability in TEXutil in ConTEXt Symlink Attack Vulnerability in YaST Online Update (YOU) in SuSE 8.2 and 9.0 Heap-based Buffer Overflow in Nullsoft Winamp 2.91 through 5.02 via Fasttracker 2 (.xm) Mod Media File Remote Denial of Service Vulnerability in Monit Administration Interface Remote Code Execution via Stack-based Buffer Overflow in Monit Administration Interface Off-by-one Overflow Vulnerability in Monit Administration Interface Format String Vulnerability in IGI 2 Covert Strike Server 1.3 and Earlier: Remote Code Execution via RCON Commands Local Privilege Escalation via Hard Link Attack on Portage Lockfiles Unencrypted Password Vulnerability in Citrix MetaFrame Password Manager 2.0 Remote Code Execution Vulnerability in blaxxun 3D 7.0 via Long URL Property Buffer Overflow in ascontrol.dll in Panda ActiveScan 5.0: Remote Code Execution Vulnerability Denial of Service Vulnerability in Panda ActiveScan 5.0 Buffer Overflow Vulnerability in McAfee FreeScan Allows Remote Code Execution Denial of Service Vulnerability in Kerio Personal Firewall (KPF) 4.0.13 Information Disclosure Vulnerability in McFreeScan.CoMcFreeScan.1 ActiveX Object Denial of Service Vulnerability in ClamAV 0.68 and Earlier Denial of Service Vulnerability in Symantec Virus Detection via rufsi.dll AzDGDatingLite 2.1.1 Cross-Site Scripting (XSS) Vulnerability Information Disclosure Vulnerability in NukeCalendar 1.1.a Arbitrary Web Script Injection Vulnerability in NukeCalendar 1.1.a Arbitrary SQL Command Execution in NukeCalendar 1.1.a Remote Code Execution Vulnerability in LCDproc 0.4.x up to 0.4.4 Multiple Buffer Overflows in LCDProc 0.4.x Versions Format String Vulnerability in LCDProc 0.4.1 and Earlier: Remote Code Execution in test_func_func RSniff 1.0 Denial of Service Vulnerability Denial of Service Vulnerability in Crackalaka 1.0.8 Hardcoded super Username and Password in X-Micro WLAN 11b Broadband Router Hardcoded Username and Password Vulnerability in X-Micro WLAN 
11b Broadband Router 1.6.0.1 Memory Consumption Denial of Service Vulnerability in Microsoft Internet Explorer 5.5 and 6.0 Information Disclosure Vulnerability in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and Earlier Multiple SQL Injection Vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and Earlier Arbitrary Code Injection in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier Arbitrary File Existence Disclosure Vulnerability in Tiki CMS/Groupware Arbitrary File Upload Vulnerability in Tiki CMS/Groupware (TikiWiki) 1.8.1 and Earlier SQL Injection Vulnerability in PHP-Nuke Allows Remote Authentication Bypass Arbitrary Web Script Injection via cookiedecode Function in PHP-Nuke SQL Injection Vulnerability in PHP-Nuke 6.x through 7.2: Arbitrary Code Execution and Administrator Account Creation World-read permissions on Citadel/UX database directory and files Gemitel 3.50 affich.php Remote File Inclusion Vulnerability SCT Campus Pipeline XSS Vulnerability in E-mail Attachments Bypassing E-mail Protection in ZoneAlarm Pro via Non-English Character Attachments Multiple Directory Traversal Vulnerabilities in Nuked-KlaN 1.4b and 1.5b SQL Injection Vulnerability in Phorum 3.4.7 Userlogin.php Allows Remote Code Execution Zaep AntiSpam 2.0 Double Encoded Slashes XSS Vulnerability Out-of-Bounds Read Denial of Service Vulnerability in KPhone 4.0.1 and Earlier Denial of Service Vulnerability in Fastream NETFile FTP/Web Server 6.5.1.980 Insecure Access to Secure NIS Maps in Solaris 9 Remote File Inclusion Vulnerability in Album Portal PHPBB Modified by Przemo 1.8 Denial of Service Vulnerability in Eudora 6.1 and 6.0.3 for Windows Buffer Overflow in Kinesphere eXchange POP3: Remote Code Execution via Long MAIL FROM Field Format String Vulnerability in Cherokee Web Server 0.4.16 and Earlier Remote Code Execution and Information Disclosure Vulnerability in BitDefender Scan Online 
ActiveX Control Sensitive Information Disclosure via Command Line Arguments in NcFTP Client SQL Injection Vulnerabilities in PostNuke 7.2.6 and Earlier: Remote Code Execution IP Address Spoofing Vulnerability in phpBB 2.0.8a and Earlier Arbitrary File Overwrite Vulnerability in xine and xine-ui SQL Injection Vulnerability in Advanced Guestbook 2.2: Remote Code Execution and Privilege Escalation via Password Sensitive Information Disclosure in phProfession 2.5 via Direct HTTP Request phProfession 2.5 modules.php Cross-site Scripting (XSS) Vulnerability SQL Injection Vulnerability in phProfession 2.5 Modules.php Information Disclosure Vulnerability in PostNuke 0.7.2.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in PostNuke 0.726 Unreal Engine Manifest.ini Directory Traversal Vulnerability Sensitive Information Disclosure in Protector System 1.15b1 for PHP-Nuke via blocker_query.php Arbitrary Web Script Injection Vulnerability in Protector System 1.15b1 SQL Injection bypass in Protector System 1.15b1 via URL-encoded characters SQL Injection Vulnerability in Protector System 1.15b1: Bypassing Filters with /**/ Sequences Sensitive Information Disclosure in Network Query Tool (NQT) 1.6 via portNum Parameter Arbitrary Web Script Injection Vulnerability in Network Query Tool (NQT) 1.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and Earlier Multiple SQL Injection Vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and Earlier Arbitrary Code Execution via Cross-Site Request Forgery (CSRF) in Open Bulletin Board (OpenBB) 1.0.6 and earlier Arbitrary Message Reading Vulnerability in Open Bulletin Board (OpenBB) 1.0.6 and Earlier Arbitrary Script Execution via Avatar Upload in Open Bulletin Board (OpenBB) 1.0.6 and Earlier Administrative Access Vulnerability in Samsung SmartEther SS6215S Switch Sensitive Information Disclosure in PHP-Nuke Video Gallery Module 0.1 Beta 5 SQL Injection Vulnerability in PHP-Nuke Video Gallery 
Module 0.1 Beta 5 DiGi Web Server Denial of Service Vulnerability via Slash Conversion Sensitive Information Disclosure in paFileDB 3.1 via Direct Request Cross-Site Scripting (XSS) Vulnerability in paFileDB 3.1 Category Module Default Remote Administration Enabled on SMC Barricade Broadband Routers 7008ABR and 7004VBR Denial of Service Vulnerability in 3com NBX IP VOIP NetSet Configuration Manager Arbitrary HTML and Web Script Injection in Moodle's help.php Arbitrary HTML Injection Vulnerability in PROPS 0.6.1 do_search.php Arbitrary File Viewing Vulnerability in PROPS 0.6.1 Glossary Module Crystal Reports Web Interface Denial of Service Vulnerability Remote Code Execution in YaBB 1 Gold SP 1.2 via Carriage Return Characters in Subject Field Denial of Service Vulnerability in arch_get_unmapped_area Function with ASLR Enabled Path Disclosure Vulnerability in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 Arbitrary HTML Injection Vulnerability in Coppermine Photo Gallery 1.2.2b Coppermine Photo Gallery Directory Traversal Vulnerability Arbitrary Command Execution in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 Remote File Inclusion Vulnerability in Coppermine Photo Gallery 1.2.0 RC4 Coppermine Photo Gallery 1.2.2b Remote File Inclusion Vulnerability in theme.php Information Disclosure Vulnerability in Aldo's Web Server (aweb) 1.5 Aldo's Web Server (aweb) 1.5 Directory Traversal Vulnerability Buffer Overflow Vulnerability in Serv-U FTP Server before 5.0.0.6 Allows Remote Denial of Service Incomplete Patch in omail.pl Allows Remote Command Execution via Shell Metacharacters Remote User Ban Vulnerability in FuseTalk 4.0 Arbitrary Account Creation Vulnerability in FuseTalk 2.0 Arbitrary Web Script Injection Vulnerability in Simple Machines Forum (SMF) 1.0 OpenLDAP Passwords Stored in Plaintext in Kolab's slapd.conf File Vulnerability Sensitive Information Disclosure in Php-Nuke Downloads Module Arbitrary HTML and Web Script Injection in Php-Nuke Downloads Module SQL 
Injection Vulnerability in Php-Nuke Downloads Module ARP Spoofing Vulnerability in SGI IRIX 6.5 through 6.5.22m SGI IRIX 6.5 through 6.5.22m UDP Denial of Service Vulnerability Buffer Overflow in SSLway Filter Allows Remote Code Execution Unsecured Root Access via SSH in SUSE LINUX 9.1 Personal Edition Live CD Buffer Overflow Vulnerability in Eudora for Windows 5.2.1, 6.0.3, and 6.1 Default Permissions Allow Local Users to Disable Trend Micro OfficeScan Virus Protection Cross-site scripting (XSS) vulnerability in NukeJokes 1.7 and 2 Beta in modules.php SQL Injection Vulnerability in NukeJokes 1.7 and 2 Beta via jokeid Parameter Path Disclosure Vulnerability in NukeJokes 1.7 and 2 Beta PHP Remote File Inclusion Vulnerability in phpShop 0.7.1 and Earlier Denial of Service Vulnerability in msxml3.dll in Internet Explorer 6.0.2600.0 Privilege Escalation via systrace_exit Function Integer Overflow in SCTP_SOCKOPT_DEBUG_NAME Allows Arbitrary Code Execution Local File Overwrite Vulnerability in Wget 1.9 and 1.9.1 WebCT Campus Edition XSS Vulnerability: Arbitrary HTML and Script Injection NetChat 7.3 HTTP Server Stack-Based Buffer Overflow Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 Remote File Inclusion Vulnerability in Php-Nuke 6.x through 7.3 Sensitive Information Disclosure in Php-Nuke WebLinks Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in Php-Nuke 6.x through 7.3 Arbitrary File Viewing Vulnerability in osCommerce 2.2 Stack-based Buffer Overflow in ActivePerl and Larry Wall's Perl on Windows Systems SQL Injection Vulnerability in Zen Cart Login Page Debugging Code in Zen Cart 1.1.4 Allows Unauthorized Administrative Access SQL Injection Vulnerability in Zen Cart 1.1.3 Application_top.php Remote Code Execution via Format String Vulnerability in Pound 1.5 and Earlier Icecast 2.0.0 Buffer Overflow Vulnerability Arbitrary Web Script Injection via stats.php in e107 Denial of Service Vulnerability in 
BNBT BitTorrent Tracker Beta 7.5 Release 2 and Earlier Arbitrary Web Script Injection in Liferay index.jsp e107 User.php Cross-Site Scripting (XSS) Vulnerability Bypassing Keyword-Based URL Filtering in Netgear RP114 Denial of Service Vulnerability in Orenosv 0.5.9f via Long HTTP GET Request Arbitrary Code Execution Vulnerability in WildTangent Web Driver 4.0 Denial of Service Vulnerability in MiniShare 1.3.2 SQL Injection Vulnerability in jPortal's art_print Function Buffer Overflow in Mollensoft Lightweight FTP Server 3.6 via Long CWD Command Arbitrary Web Script Injection in Land Down Under (LDU) Path Disclosure Vulnerability in e107 0.615 Multiple Cross-Site Scripting (XSS) Vulnerabilities in e107 0.615 Remote File Inclusion Vulnerability in secure_img_render.php in e107 0.615 Multiple SQL Injection Vulnerabilities in e107 0.615 Buffer Overflow Vulnerability in Firebird Database Server Improper Use of eregi() Function in PHP-Nuke Codebase Allows Remote Script Access and Information Disclosure Denial of Service Vulnerability in Conceptronic CADSLR1 ADSL Router Firmware 3.04n Denial of Service Vulnerability in APC PowerChute Business Edition 6.0 through 7.0.1 Arbitrary File Retrieval Vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke Default jstwo Password Vulnerability in eSeSIX Thintune Thin Clients Clear-text Storage of Sensitive Credentials in eSeSIX Thintune Thin Clients Hard-coded Password Vulnerability in eSeSIX Thintune Thin Clients Local File Disclosure Vulnerability in Phoenix Browser of eSeSIX Thintune Thin Clients Insecure Password Validation in eSeSIX Thintune Thin Clients EasyIns Stadtportal 4 - PHP Remote File Inclusion Vulnerability CRLF Injection Vulnerability in PhpBB 2.0.4 and 2.0.9 PhpBB 2.0.4 and 2.0.9 Search.php Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in Nucleus CMS 3.01 action.php ASPRunner 2.4 SQL Injection Vulnerability Sensitive Information Disclosure in ASPRunner 2.4 Multiple Cross-Site Scripting 
Vulnerabilities in ASPRunner 2.4 Predictable Database Exposure in ASPRunner 2.4 Remote Code Execution and File Disclosure in RiSearch 1.0.01 and RiSearch Pro 3.2.06 SQL Injection Vulnerability in AntiBoard 0.7.2 and Earlier: Remote Code Execution via antiboard.php Arbitrary HTML Injection Vulnerability in AntiBoard 0.7.2 and Earlier Arbitrary Web Script Injection Vulnerability in lostBook 1.1 and Earlier Bypassing Extension Filtering Rule in DansGuardian 2.8 and Earlier SQL Injection Vulnerability in LinPHA 0.9.4 session.php Allows Remote Code Execution and Authentication Bypass SQL Injection Vulnerability in Jaws Framework and Content Management System 0.4: Bypass Authentication and Arbitrary SQL Execution in controlpanel.php Denial of Service Vulnerability in Leafnode 1.9.47 and Earlier OpenSSH Denial of Service Vulnerability Arbitrary Command Execution via Altiris Client Service Tray Icon in Windows 5.6 SP1 Hotfix E (5.6.181) Authentication Bypass Vulnerability in Macallan Mail Solution 2.8.4.6 Cross-Site Scripting (XSS) Vulnerability in Mambo Open Source 4.6 Linux-VServer 1.24 Privilege Escalation via Modified Chroot-Again Exploit Format String Vulnerability in Dream FTP 1.02 Allows Denial of Service via Specifiers in PASS and RETR Commands Denial of Service Vulnerability in Sophos Anti-Virus 3.78 Jelsoft vBulletin 3.0.0 RC4 search.php Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in Nadeo Game Engine Denial of Service Vulnerability in Red-M Red-Alert 2.7.5 IP Address Authentication Bypass in Red-M Red-Alert 2.7.5 Multiple Spaces in SSID Conversion Vulnerability Denial of Service Vulnerability in Sami FTP Server 1.1.3 Denial of Service Vulnerability in Sami FTP Server 1.1.3 File Download Extension Spoofing Vulnerability in Opera Web Browser 7.0 through 7.23 Arbitrary Web Script Injection in JShop E-Commerce Server's search.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpCodeCabinet 0.4 and Earlier Stack-based Buffer 
Overflow in Sambar Server Allows Remote Code Execution Remote Code Execution Vulnerability in SandSurfer before 1.7.0 Bypassing Virus Scanning in Sophos Anti-Virus 3.78 via qmail DSN Denial of Service Vulnerability in Matrix FTP Server via Four Spaces Login Arbitrary File Existence Disclosure in Microsoft Internet Explorer 5.0.1 through 6.0 False Sense of Security: MBSA 1.2 Vulnerability Insecure Permissions in eTrust InoculateIT for Linux 6.0 Allow Unauthorized Access Buffer Overflow in open_socket_out function in rsync 2.5.7 and earlier WebcamXP 1.06.945 Cross-Site Scripting (XSS) Vulnerability Honeyd before 0.8 SYN and RST Flag Vulnerability Arbitrary Script Execution via Cross-Site Scripting (XSS) in Mephistoles httpd 0.6.0 Local File Overwrite Vulnerabilities in SuSE Linux 9.0 Arbitrary Script Execution via TBE 5.0 HTML Banner View/Preview XSS Vulnerability Remote Code Execution Vulnerability in Need for Speed Hot Pursuit 2.0 Client Bypassing Authentication in GeoHttpServer via Encoded Newlines Remote Denial of Service Vulnerability in GeoHttpServer's sysinfo Script Arbitrary Web Script Injection Vulnerability in FREESCO 2.05 Cross-Site Scripting (XSS) Vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 Information Disclosure Vulnerability in Novell NetWare Enterprise Web Server Arbitrary File Read Vulnerability in Novell NetWare Enterprise Web Server Directory Listing Vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 Authentication Bypass Vulnerability in Finjan SurfinGate 6.0 and 7.0 Proxy Mode Multiple SQL Injection Vulnerabilities in QuadComm Q-Shop Cross-Site Scripting (XSS) Vulnerabilities in Q-Shop's imagezoom.asp and recommend.asp SQL Injection Vulnerability in Phorum's register.php Allows Remote Code Execution Arbitrary Code Execution via Long Filename in Serv-U FTP Server Directory Traversal Vulnerability in BremsServer 1.2.4 Arbitrary Web Script Injection Vulnerability in BremsServer 1.2.4 Remote Code Execution 
Vulnerability in ProxyNow! 2.75 and Earlier via Long ftp:// URL Cross-Site Scripting (XSS) Vulnerabilities in Oracle HTTP Server 1.3.22 Directory Traversal Vulnerability in Tiny Server 1.1 Denial of Service Vulnerability in Tiny Server 1.1 Buffer Overflow Vulnerability in Tiny Server 1.1 Allows Remote Denial of Service Tiny Server 1.1 Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in Reptile Web Server via Incomplete GET Requests Directory Traversal Vulnerabilities in Borland Web Server (BWS) 1.0b3 and Earlier Intra Forum Cross-Site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Nextplace.com E-Commerce ASP Engine Remote File Inclusion Vulnerability in Gallery 1.3.1 through 1.4.1 Buffer Overflow Vulnerability in BlackICE PC Protection 3.6 and Earlier Versions Insecure Permissions in BlackICE PC Protection 3.6 and Earlier: Arbitrary Code Execution Vulnerability Web Blog 1.1 Directory Traversal Vulnerability Arbitrary Script Execution via Cross-Site Scripting (XSS) in BRS WebWeaver 1.07 Denial of Service Vulnerability in SurfNOW 2.2 Cross-Site Scripting (XSS) Vulnerabilities in phpBB 2.0.6 privmsg.php Stack-based Buffer Overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and Earlier Directory Traversal Vulnerability in PJ CGI Neo Review (PJreview_Neo.cgi) Allows Remote File Reading Untrusted Path Vulnerability in CVSup 16.1h Allows Arbitrary Code Execution Weak Encryption Algorithm Used in Oracle TopLink Mapping Workbench Allows Local Users to Decrypt Passwords IV Computation Weakness in Cryptoloop on Linux Kernel 2.6.x: Detecting Watermarked Files without Decryption IV Computation Weakness in dm-crypt on Linux Kernel 2.6.x: Detecting Watermarked Files BCC Leakage Vulnerability in Outlook Express 6.0 Arbitrary Code Injection through XSS Vulnerability in AWSguest.php Arbitrary Code Execution Vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 CRLF Injection Vulnerability in YaBB 1 Gold 
before 1.3.2 Unspecified Vulnerability in RMT Client's Remote Tape Support SQL Injection Vulnerability in ReMOSitory Server Add-on Module to Mambo Portal 4.5.1 (1.09) and Earlier Authentication Bypass Vulnerability in Baal Smart Forms before 3.2 SQL Injection Vulnerability in PD9 Software MegaBBS 2 and 2.1 CRLF Injection Vulnerability in PD9 Software MegaBBS 2 and 2.1: HTTP Response Splitting via fid Parameter Denial of Service Vulnerability in Symantec Norton AntiVirus and Microsoft Outlook Local Privilege Escalation Vulnerability in Slava Astashonok Fprobe 1.0.5 and Earlier Buffer Overflow in Prepared Statements API in libmysqlclient for MySQL 4.1.3 Beta and 4.1.4 Account Enumeration Vulnerability in Nettica Corporation INTELLIPEER Email Server 1.01 Denial of Service Vulnerability in Chatman 1.1.1 RC1 and Earlier Arbitrary Web Script Injection Vulnerability in MediaWiki 1.3.4 and Earlier Unspecified Vulnerabilities in Real Estate Management Software 1.0 Case Sensitivity Vulnerability in CUPS before 1.1.21rc1 Authentication Bypass Vulnerability in Online-Bookmarks Critical Unidentified Vulnerabilities in Online Recruitment Agency 1.0 Pose Significant Risk Arbitrary Code Injection via Email and Username Fields in Serendipity 0.7 beta1 SQL Injection Vulnerability in Serendipity 0.7-beta1 via entry_id Parameter in exit.php and comment.php Buffer Overflow Vulnerabilities in XMLStarlet Command Line XML Toolkit 0.9.3 XMLStarlet Command Line XML Toolkit 0.9.3 Format String Vulnerability SQL Injection Vulnerability in TUTOS 1.1 file_overview.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in TUTOS 1.1 Authentication Bypass Vulnerability in login_radius on OpenBSD Denial of Service Vulnerability in VP-ASP 5.0's shoprestoreorder.asp Denial of Service Vulnerability in Lords of the Realm III Unauthenticated Remote Printing Vulnerability in Canon ImageRUNNER (iR) 5000i and C3200 Buffer Overflow Vulnerabilities in LaTeX2rtf 1.9.15 and Other Versions Denial of Service 
Vulnerability in BaSoMail 1.24 Denial of Service Vulnerability in Application Access Server (A-A-S) 1.0.37 and Earlier Arbitrary File Read Vulnerability in Caravan 2.00/03d and Earlier Cherokee 0.4.8 XSS Vulnerability Weak Encryption Scheme in EarlyImpact ProductCart Allows Password Retrieval via Chosen Plaintext Attack SQL Injection Vulnerability in EarlyImpact ProductCart's advSearch_h.asp Arbitrary JavaScript Injection via redirectUrl Parameter in EarlyImpact ProductCart SQL Injection Vulnerabilities in ReviewPost PHP Pro Default Configuration of Internet Connection Firewall in Windows XP SP2 Allows Bypassing of Access Controls DevoyBB Web Forum 1.0.0 Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in DevoyBB Web Forum 1.0.0 Denial of Service Vulnerability in asycpict.dll Multiple Cross-Site Scripting (XSS) Vulnerabilities in WowBB Forum 1.61 SQL Injection Vulnerabilities in WowBB Forum 1.61 and 1.65 Session Fixation Vulnerability in Macromedia JRun 4.0: Remote Session Hijacking Arbitrary Command Execution Vulnerability in WeHelpBUS 0.1 Directory Traversal Vulnerability in Digicraft Yak! 
Server 2.0 through 2.1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in MediaWiki 1.3.5 SQL Injection Vulnerability in MediaWiki 1.3.5 via SpecialMaintenance Unspecified Vulnerability in ImagePage for MediaWiki 1.3.5 DMXReady Site Chassis Manager Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in DMXReady Site Chassis Manager: Remote Code Execution Unzoo 4.4-2 Directory Traversal Vulnerability Arbitrary Web Script Injection in Turbo Traffic Trader PHP 1.0 Arbitrary SQL Command Execution in Turbo Traffic Trader PHP 1.0 CJOverkill 4.0.3 trade.php Cross-site Scripting (XSS) Vulnerability Denial of Service Vulnerability in MailEnable Professional and Enterprise Editions Zanfi CMS Lite 1.1 - Remote File Inclusion Vulnerability in index.php Information Disclosure Vulnerability in Zanfi CMS Lite 1.1 Improper Ownership Check in kdocker 0.1-0.8 Allows Arbitrary Program Execution Arbitrary Password Change Vulnerability in DUware DUclassmate 1.0 through 1.1 DUware DUclassified 4.0 Cross-Site Scripting (XSS) Vulnerability DUware DUforum 3.0-3.1 Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in DUware DUforum 3.0 through 3.1 SQL Injection Vulnerabilities in DUware DUclassified 4.0-4.2: Bypass Authentication and Remote Command Execution Insecure Default Permissions in Ansel 1.2 through 2.0: Remote Access to Web Readable Directories Unauthorized Activities and Password Disclosure Vulnerability in Macromedia ColdFusion MX 6.0 and 6.1 Root Access Vulnerability in Veritas Cluster Server 1.0.1 through 4.0 Arbitrary SQL Command Execution Vulnerability in NatterChat 1.12 Ideal Science IdealBB 1.4.9 through 1.5.3 Cross-Site Scripting (XSS) Vulnerability CRLF Injection Vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 Ideal Science IdealBB 1.4.9 through 1.5.3 SQL Injection Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Express-Web CMS Cross-Site Scripting (XSS) Vulnerability in AliveSites Forums 2.0 SQL 
Injection Vulnerability in AliveSites Forums 2.0: Remote Code Execution via forum_id Parameter Information Disclosure in Mbedthis AppWeb HTTP Server Mixed Case URI Bypass Vulnerability in Mbedthis AppWeb HTTP Server File Descriptor Leakage Vulnerability in RXVT-Unicode 3.4 and 3.5 Denial of Service Vulnerability in Sun Java System Web Server and Application Server Multiple Unknown Vulnerabilities in yhttpd in yChat before 0.7 Leading to Denial of Service SQL Injection Vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and Earlier: Remote SQL Statement Modification via Password Parameter NullyFake: Address Bar Spoofing Vulnerability in Internet Explorer 6 Password-Protected ZIP File Bypass Vulnerability in F-Secure Anti-Virus for Microsoft Exchange Remote Code Execution Vulnerability in Mercantec SoftCart 4.00b via Buffer Overflow in SoftCart.exe FsPHPGallery 1.2 Directory Traversal Vulnerability Denial of Service Vulnerability in FsPHPGallery 1.2 Denial of Service Vulnerability in Appfoundry Message Foundry 2.75 .0003 Arbitrary File Deletion Vulnerability in Mozilla Firefox Email Address Enumeration Vulnerability in Mozilla Mail and Thunderbird File Download Dialog Box Filename Truncation Vulnerability in Mozilla Firefox Privilege Escalation Vulnerability in Mozilla Firefox on Mac OS X Privilege Escalation Vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 Heap-based Buffer Overflow in isakmpd on OpenBSD 3.4 through 3.6 Symlink Attack Vulnerability in Zero G Software InstallAnywhere SQL Injection Vulnerability in Glossary Module in Moodle 1.4.1 and Earlier Critical Front Page Vulnerability in Moodle Servers (Pre-1.3.2): Unknown Impact and Attack Vectors Teacher Privilege Escalation Vulnerability in Moodle 1.2 Unspecified Text Filtering Vulnerability in Moodle before 1.2 Unspecified Language Setting Vulnerability in Moodle 1.3.3 and Earlier Unspecified Vulnerability in Moodle Before 1.3.4 with Unknown Impact and Attack Vectors Related to 
Strings in Moodle Texts Static Format String Vulnerability in vsybase.c in vpopmail 5.4.2 and Earlier Buffer Overflow Vulnerability in vpopmail 5.4.2 and Earlier: Denial of Service and Arbitrary Code Execution SQL Injection Vulnerabilities in Phorum 5.0.11 and Earlier Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier via search.php Phorum search.php XSS Vulnerability Session Hijacking Vulnerability in Phorum XML Parser Denial of Service Vulnerability Arbitrary HTML Injection Vulnerability in Goollery 0.03 Arbitrary HTML Injection in Goollery before 0.04b via conversation_id Parameter Unspecified Vulnerability in AudienceConnect's Admin of PayPal Email Addresses Feature Unspecified Oversize Submissions Vulnerability in RemoteEditor before 0.1.1 Access Code Bypass Vulnerability in SecureEditor Access Code Bypass Vulnerability in RemoteEditor before 0.1.6 PPTP Server Version Disclosure Vulnerability Firewall Response to SYN-FIN Packets Vulnerability SurgeLDAP 1.0g Directory Traversal Vulnerability Authentication Bypass Vulnerability in SurgeLDAP 1.0g (Build 12) Directory Traversal Vulnerability in phpMyFAQ 1.3.12 Allows Remote File Read and Possible PHP File Execution phpMyFAQ 1.4.0 alpha - Directory Traversal Vulnerability Unauthenticated Image Manager Access in phpMyFAQ 1.4.0 Local privilege escalation vulnerability in Hummingbird Exceed before 9.0.0.1 Denial of Service Vulnerability in vsftpd before 1.2.2 Address Bar Redirection Vulnerability in Opera Browser 7.23 and Earlier Versions e107 Cross-Site Scripting (XSS) Vulnerability in Login Name/Author Field Arbitrary Code Execution via ImageManager in e107 SQL Injection Vulnerability in PlaySMS 0.7 and Earlier: Remote Attackers Can Modify SQL Statements via vc2 Cookie Format String Vulnerability in GNU less 382, 381, and 358 via LESSOPEN Environment Variable Insecure Handling of Temporary Files in UUDeview 0.5.20 and Earlier Ansel 2.1 and Earlier: Remote SQL Injection via Image Parameter Ansel 
2.1 XSS Vulnerability in Album Name Field Information Disclosure Vulnerability in PimenGest2 before 1.1.1 Stack-based Buffer Overflow in Pads.c Allows Arbitrary Code Execution Arbitrary Command Execution Vulnerability in IBM Parallel Environment (PE) 3.2 and 4.1 Buffer Overflow in MiniShare 1.4.1 and Earlier: Remote Code Execution via Long HTTP GET Request Buffer Overflow in sockFinger_DataArrival Function in efFingerD 0.2.12 efFingerD 0.2.12 Denial of Service Vulnerability Unspecified Vulnerability in Jigsaw before 2.2.4 with Unknown Impact and URI Parsing Remote Code Execution in i-mall.cgi via Shell Metacharacters Vulnerability: Bypassing Initial Detection of Sober.D and Sober.G Viruses in F-Secure Anti-Virus Buffer Overflow Vulnerability in aGSM Half-Life Client Unspecified Cross-Site Scripting (XSS) Vulnerability in vHost Web GUI Invision Power Board 1.3 Final XSS Vulnerability in Chat Action Buffer Overflow Vulnerability in IBM Lotus Notes 6.5.x and 6.0.x Unspecified Vulnerabilities in IBM Lotus Notes 6.5.x and 6.0.x Bypassing URL Filters in DansGuardian before 2.7.7-2 Bypassing URL Filters in DansGuardian before 2.6.1-13 Arbitrary Command Execution in OpenWebmail's read_list_from_file Function ActivePerl Integer Overflow Vulnerability Arbitrary File Read Vulnerability in DSM Light Web File Browser 2.0 XSS Vulnerability in Jelsoft vBulletin's index.php Allows Website Spoofing Arbitrary Code Execution via Desktop.ini File in Windows XP Explorer Arbitrary Code Execution Vulnerability in Microsoft Windows XP Explorer Arbitrary Code Execution via Shell Helper Objects in Microsoft Internet Explorer 5.5 and 6.0 Alt-N MDaemon 7.0.1 IMAP Server Buffer Overflow Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHP-Nuke 6.0 to 7.3 Cross-Site Scripting (XSS) Vulnerability in PHP-Nuke Reviews Module SQL Injection Vulnerability in PHP-Nuke Reviews Module Sensitive Information Disclosure in PHP-Nuke Reviews Module Denial of Service Vulnerability in 
PHP-Nuke Reviews Module Default NMAP Authentication Credential Vulnerability in Novell Internet Messaging System (NIMS) and NetMail Buffer Overflow in Omnicron OmniHTTPd 3.0a and Earlier: Remote Code Execution via Long Range Header in HTTP GET Request Buffer Overflow Vulnerability in ucd-snmp 4.2.6 and Earlier Buffer Overflow Vulnerability in Eudora Email Client Race condition vulnerability in sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 World-readable and World-writable File Permissions Vulnerability in MTools Mformat Heap-based Buffer Overflow in Trillian DirectIM Packet Handling Bypassing Virus Scanning in Computer Associates eTrust Antivirus EE 6.0 through 7.0 Vulnerability: Disabling Mail Alerts in Sun Solaris BSM Denial of Service Vulnerability in Microsoft Internet Explorer 6.0.2600 on Windows XP Arbitrary Web Script Injection Vulnerability in cPanel 9.1.0 and Earlier Crob FTP Server 3.5.1 Directory Traversal Vulnerability Arbitrary Web Script Injection Vulnerability in Lotus Domino R6 6.5.1 Directory Traversal Vulnerability in Lotus Domino R6 6.5.1 Webadmin.nsf Buffer Overflow Vulnerability in GNU Make for IBM AIX 4.3.3 Inconsistent Error Messages in Inter7 SqWebMail 3.4.1 - 3.6.1 Allow Remote Root Password Guessing Default Telnet Listener Password Vulnerability in Novell iChain Server Denial of Service Vulnerability in Mbedthis AppWeb HTTP Server Denial of Service Vulnerability in Mbedthis AppWeb HTTP Server Sensitive Information Disclosure in Mbedthis AppWeb HTTP Server SurgeFTP Server Denial of Service Vulnerability Local File Manipulation and Information Disclosure Vulnerability in IBM Informix Dynamic Server (IDS) Cross-Site Tracing (XST) Vulnerability in BEA WebLogic Server and Express Local Privilege Escalation: Administrator Password Disclosure in BEA WebLogic Server and Express 8.1 SP1 and earlier SQL Injection Vulnerability in phpWebSite Announce and Notes Modules Sensitive Information Disclosure in DotNetNuke 
(formerly IBuySpy Workshop) 1.0.6 through 1.0.10d DotNetNuke SQL Injection Vulnerability in LinkClick.aspx Arbitrary Web Script Injection Vulnerability in DotNetNuke EditModule.aspx Authentication Bypass via SQL Injection in IP3 Networks NetAccess Appliance Denial of Service Vulnerability in Vizer Web Server 1.9.1 Denial of Service Vulnerability in Clearswift MAILsweeper for SMTP Privilege Escalation Vulnerability in Kerio Personal Firewall (KPF) 2.1.5 Denial of Service Vulnerability in ColdFusion MX 6.1 and 6.1 J2EE Local Privilege Escalation in ColdFusion MX 6.1 and 6.1 J2EE Multiple Cross-Site Scripting (XSS) Vulnerabilities in CPAN WWW::Form before 1.13 File Upload Area Vulnerability in Bodington 2.1.0 RC1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in EMU Webmail 5.2.7 Privilege Escalation Vulnerability in Macromedia Installers and e-Licensing Client on Mac OS X Directory Traversal Vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5 World Readable Permissions on /.inlook/.crypt File in inlook 0.7.3 and Earlier: Local User Credential Disclosure Vulnerability Vulnerability: Access Restriction Bypass in OpenBSD 3.3 and 3.4 on Big-Endian 64-bit Platforms Privilege Escalation Vulnerability in Microsoft Windows 2000, XP, and 2003 SQL Injection Vulnerability in PunkBuster Screenshot Database (PB-DB) Alpha 6 Arbitrary Code Execution Vulnerability in iSearch isearch.inc.php ChatterBox 2.0 Denial of Service Vulnerability Local Privilege Escalation Vulnerability in Apache HTTP Server 2.0.47 and Earlier Denial of Service Vulnerability in VocalTec VGW120 and VGW480 ASN.1/H.323/H.225 Stack Multiple Local Privilege Escalation Vulnerabilities in Oracle9i Database Server Cross-Site Scripting (XSS) Vulnerabilities in Forum Web Server 1.6 and Earlier Arbitrary Command Execution in Leif M. 
Wright Web Blog 1.1 and 1.1.5 Denial of Service Vulnerability in Sybari AntiGen for Domino 7.0 Build 722 SR2 SQL Injection Vulnerabilities in Tunez 1.20-pre2: Remote Code Execution SQL Injection Vulnerability in phpBB 1.0 through 2.0.6 search.php Arbitrary Script Injection in GBook for Php-Nuke 1.0 Arbitrary Script Injection via Cookies in GBook for PHP-Nuke 1.0 Information Disclosure Vulnerability in BugPort SQL Injection and Cross-Site Scripting (XSS) Vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 Crafty Syntax Live Help (CSLH) before 2.7.4 - Cross-Site Scripting (XSS) Vulnerability in Name Field Fizmez Web Server 1.0 Denial of Service Vulnerability Unauthenticated Remote Access to Proofpoint Protection Server MySQL Database Arbitrary Web Script Injection Vulnerability in phpBB 2.0.6c admin_words.php Privilege Escalation Vulnerability in Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 Denial of Service Vulnerability in Targem Battle Mages 1.0 Denial of Service Vulnerability in Digital Reality Game Engine Path Disclosure Vulnerability in PHPX 3.2.6 and Earlier Cross-Site Scripting (XSS) Vulnerability in PHPX 3.0 through 3.2.6 Arbitrary Command Execution via CSRF in PHPX 3.0 through 3.2.6 Memory Exhaustion Vulnerability in Windows XP and Windows Server 2003 Buffer Overflow Vulnerability in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 Denial of Service Vulnerability in WFTPD and WFTPD Pro 3.21 R1 and R2 Remote File Inclusion Vulnerability in Opt-X 0.7.2 header.php Allows Arbitrary PHP Code Execution Directory Traversal Vulnerability in Lotus Domino R6 6.5.1 Webadmin.nsf Stack-based Buffer Overflow in Trillian and Trillian Pro Allows Remote Code Execution Denial of Service Vulnerability in Red Storm Web-Based Games Buffer Overflow in Bochs Allows Arbitrary Code Execution via Long HOME Environment Variable Predictable Location Vulnerability in AOL Instant Messenger (AIM) Buddy Icon File Information Disclosure Vulnerability in 
BadBlue 2.4 Buffer Overflow Vulnerability in 1st Class Mail Server 4.0 POP3 Server Buffer Overflow Vulnerability in postfile.exe for Twilight Utilities Web Server 2.0.0.0 Denial of Service Vulnerability in Alcatel OmniSwitch 7000 and 7800 Denial of Service Vulnerability in @Mail 3.64 for Windows Cross-Site Scripting (XSS) Vulnerabilities in @Mail 3.64 for Windows Arbitrary File Write Vulnerability in Twilight Utilities Web Server 2.0.0.0 Denial of Service Vulnerability in Jetty HTTP Server Denial of Service Vulnerability in PerfectNav Plugin for Internet Explorer Cross-Frame Scripting Vulnerability in Microsoft Internet Explorer 5.0-6.0 Denial of Service Vulnerability in NullSoft Winamp 5.02 Sensitive Path Information Disclosure in EMU Webmail 5.2.7 via init.emu Format String Vulnerability in LogMsg Function in sercd and sredird Remote Code Execution Vulnerability in sercd and sredird Privilege Escalation Vulnerability in rexecd for AIX 4.3.3 Denial of Service Vulnerability in Jabber Gadu-Gadu Transport 2.0.x before 2.0.8 Denial of Service Vulnerability in Jabber Gadu-Gadu Transport Denial of Service Vulnerability in Jabber Gadu-Gadu Transport 2.0.x Denial of Service Vulnerability in libuser 0.51.7 Improper Certificate Chain Validation in Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 Off-by-one Error in passwd 0.68 and Earlier: Reduced Search Space for Brute Force Attacks Memory Leak Vulnerability in passwd 0.68: Denial of Service via Failed Read Attempts Vulnerability: Unchecked Return Code in passwd 0.68 PAM Start Function Plaintext Storage of Private Key and Passphrase in Blue Coat Security Gateway OS Information Disclosure Vulnerability in Netenberg Fantastico De Luxe 2.8 Denial of Service Vulnerability in Secure Computing Corporation Sidewinder G2 6.1.0.01 Plaintext Storage of Credentials in WinFTP Server 1.6 Stack-based Buffer Overflow in Ipswitch IMail Express Web Messaging YaBB.pl XSS Vulnerability in YaBB 1 GOLD SP 1.3.2 CSRF Vulnerability in 
YaBB 1 GOLD SP 1.3.2 Allows Unauthorized Actions as Admin Buffer Overflow Vulnerability in F-Secure Anti-Virus Products via Malformed LHA Archive Unknown Overflow Vulnerability in phpgw_config Table for phpGroupWare before 0.9.14.002 Unspecified Security Hole in phpGroupWare Setup/Config Functionality Shared /proc Permissions Vulnerability in Linux VServer Arbitrary Code Execution Vulnerability in Samhain 1.8.9 through 2.0.1 Denial of Service Vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 Cross-Site Scripting (XSS) Vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 SQL Injection Vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 SQL Injection Vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 via shopproductselect.asp Sensitive Password Information Disclosure in Novell NetWare 6.5 SP 1.1 Overlay CD Installation Denial of Service Vulnerability in Davenport before 0.9.10 CCProxy Logging Component Buffer Overflow Vulnerability SMTP Proxy Format String Vulnerability Buffer Overflow Vulnerability in SlimFTPd 3.15 and Earlier Local File Disclosure Vulnerability in Keene Digital Media Server 1.0.2 Denial of Service Vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7 Authentication Bypass Vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7 on HP-UX Denial of Service Vulnerabilities in Ipswitch IMail Server Denial of Service Vulnerability in Ipswitch IMail Server Web Calendaring Component Denial of Service Vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through 8.1 SP2 Arbitrary Command Execution in Axis Network Camera and Video Server Axis Network Camera and Video Server Directory Traversal Vulnerability Axis Network Camera and Video Server Vulnerability: Information Disclosure, System Modification, and Denial of Service Insufficient Access Control in Abczone.it WWWguestbook 1.1 Allows Remote Information Disclosure Multiple stack-based and 
heap-based buffer overflows in EnderUNIX spamGuard before 1.7-BETA: Remote Code Execution Vulnerabilities Privilege Escalation Vulnerability in Trend OfficeScan Corporate Edition 5.58 and Earlier Authentication Bypass Vulnerability in The Ignition Project ignitionServer Denial of Service Vulnerability in WinAgents TFTP Server 3.0 Buffer Overflow Vulnerability in ADM ActiveX Control for Altnet Download Manager Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 SP1 Arbitrary Web Script Injection Vulnerability in PeopleSoft HRMS 7.0 Cleartext Storage of SA Password in Computer Associates Unicenter Common Services 3.0 and Earlier SQL Injection Vulnerability in PHP-Fusion 4.01: Remote Code Execution Arbitrary Web Script Injection Vulnerability in PHP-Fusion 4.01 Unauthenticated Remote Firmware Upgrade Vulnerability in HP LaserJet 4200 and 4300 Printers Proxytunnel 1.1.3 and Earlier: Local User Credential Disclosure Vulnerability Unspecified Remote Vulnerability in Kerio MailServer Before 6.0.3 Vulnerability: Bypassing Antivirus Protection via Zero-Header Compressed Files Authentication Bypass Vulnerability in Jaws 0.3 Arbitrary Web Script Injection Vulnerability in Jaws 0.3 index.php Arbitrary File Viewing Vulnerability in Jaws 0.3 BETA 1st Class Mail Server 4.01 Directory Traversal Vulnerability Arbitrary Web Script Injection in 1st Class Mail Server 4.01 Insufficient Access Control in S-Mart Shopping Cart or RediCart 3.9.5b Allows Information Disclosure Denial of Service Vulnerability in Roger Wilco 1.4.1.6 and Earlier Sensitive Information Disclosure in Roger Wilco Client and Server Voices from the Deep: Remote Audio Injection in Roger Wilco Sensitive Information Disclosure in Hitachi Cosminexus Portal Framework Unspecified Vulnerability in Tutti Nova 0.10 - 0.12 and 0.9.4 Local Information Disclosure Vulnerability in aMSN 0.90 for Microsoft Windows TFTP-based Remote Information Disclosure and Privilege Escalation in Sweex Wireless Broadband 
Router/Accesspoint 802.11g (LC000060) SQL Injection Vulnerability in miniBB 1.7f and Earlier: Remote Code Execution via User Parameter Denial of Service Vulnerability in 3Com OfficeConnect ADSL 11g Router Arbitrary Directory Creation Vulnerability in Open WebMail 2.30 and Earlier Local Password Disclosure Vulnerability in gnubiff 1.2.0 and Earlier Denial of Service Vulnerability in gnubiff POP3 with Infinite UIDL List Buffer Overflow Vulnerability in gnubiff's pop3.c Symlink Attack Vulnerability in cplay 1.49 on Linux Buffer Overflow Vulnerability in ADA Image Server (ImgSvr) 0.4 Allows Remote Code Execution Directory Traversal Vulnerability in ADA Image Server (ImgSvr) 0.4 and Earlier Arbitrary Web Script Injection Vulnerability in Easy Chat Server 1.2 Buffer Overflow Vulnerability in Easy Chat Server 1.2 and 2.2 Denial of Service Vulnerability in Easy Chat Server 1.2 SillySearch 2.3 XSS Vulnerability: Remote Code Injection via Search Parameter Reservation Manipulation Vulnerability Unspecified Login Vulnerability in MadBMS before 1.1.5 SQL Injection Vulnerability in sloth TCL Script in QuoteEngine 1.2.0 and Earlier Denial of Service Vulnerability in Agnitum Outpost Pro Firewall 2.1 Local File Overwrite Vulnerability in wmFrog Weather Monitor 0.1.6 and Earlier Versions SQL Injection Vulnerability in PHPNews 1.2.3: Remote Code Execution via sendtofriend.php Cross-Site Scripting (XSS) Vulnerability in Google Toolbar 2.0.114.1 via about.html Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 Local Privilege Escalation Vulnerability in DiamondCS Process Guard Free 2.000 Arbitrary File Read Vulnerability in Jetty HTTP Server Information Disclosure Vulnerability in Squid Web Proxy Cache 2.5 Arbitrary Website Access Vulnerability in Squid Web Proxy Cache 2.3.STABLE5 Arbitrary Host Connection Vulnerability in MyProxy 6.58 Arbitrary Code Execution Vulnerability in Microsoft Outlook 2000 and 2003 DNS Cache Poisoning and Denial of Service Vulnerability in 
Kerio WinRoute Firewall Arbitrary Web Script Injection in PHP Gift Registry 1.3.5 and Earlier Arbitrary File Inclusion Vulnerability in PHP Live! before 2.8.2 Uninitialized Variable Vulnerability in Dropbear SSH Server Nexgen FTP Server Directory Traversal Vulnerability Nexgen FTP Server Directory Traversal Vulnerability Format String Vulnerability in IBM Informix Dynamic Server (IDS) Allows Arbitrary Code Execution Buffer Overflow Vulnerability in IBM Informix Dynamic Server (IDS) 9.40.xC1 and 9.40.xC2 via Long GL_PATH Environment Variable Race condition vulnerability in Opera web browser 7.53 Build 3850 allows URL spoofing and facilitates phishing attacks Arbitrary Web Script Injection Vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6 Arbitrary File Read Vulnerability in Groupmax World Wide Web (GmaxWWW) and Desktop Arbitrary Script Injection in Ability Mail Server 1.18 via _error Denial of Service (CPU Consumption) Vulnerability in Ability Mail Server 1.18 Denial of Service Vulnerability in OpenText FirstClass HTTP Daemon Arbitrary Script Injection in Hitachi Web Page Generator and Web Page Generator Enterprise Directory Structure Disclosure Vulnerability Unspecified Denial of Service Vulnerability in Hitachi Web Page Generator Unspecified Vulnerability in IlohaMail before 0.8.14-rc1 Buffer Overflow in MailEnable IMAP Service Local Privilege Escalation via Symlink Attack in im-switch before 11.4-46.1 in Fedora Core 2 Denial of Service Vulnerability in INweb Mail Server 2.40 Privilege Escalation via GUI in Alt-N Technologies MDaemon 7.2 and Earlier Denial of Service Vulnerability in Macromedia ColdFusion MX Unparsed Web Content Delivery Vulnerability in WIKINDX Absolute Path Traversal Vulnerability in Linksys WVC11B Wireless-B Internet Video Camera Arbitrary Web Script Injection in Linksys WVC11B Wireless-B Internet Video Camera Arbitrary Web Script Injection in Infopop UBB.Threads 6.2.3 and 6.5 Arbitrary Web Script 
Injection in Infopop UBB.Threads showflat.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in DCP-Portal 5.3.2 and Earlier CRLF Injection Vulnerability in DCP-Portal 5.3.2 and Earlier Buffer Overflow in Mercury (Pegasus) Mail 4.01 IMAP Service Allows Remote Code Execution Arbitrary Script Injection in PowerPortal 1.x Private Messages Module Potential Format String Vulnerability in VMware Workstation 4.5.2 build-8848 Directory Traversal Vulnerability in myServer 0.7 Allows Arbitrary Directory Listing Denial of Service Vulnerability in myServer 0.7.1 via Long HTTP POST Request Information Disclosure in Gattaca Server 2003 1.1.10.0 Denial of Service (CPU Consumption) Vulnerability in Gattaca Server 2003 1.1.10.0 Denial of Service Vulnerability in Gattaca Server 2003 1.1.10.0 POP3 Protocol Denial of Service Vulnerability in Gattaca Server 2003 1.1.10.0 Mail Server Arbitrary Script Injection in Gattaca Server 2003 1.1.10.0 Format String Vulnerability in OpenFTPD 0.30.2 and Earlier Plaintext Credential Exposure in Benchmark Designs' WHM AutoPilot 2.4.5 and Earlier Arbitrary Web Script Injection Vulnerability in Serendipity before 0.7.1 Arbitrary File Viewing Vulnerability in IBM Tivoli Directory Server Denial of Service Vulnerability in Windows XP and 2003 Login Screens Arbitrary Web Script Injection Vulnerability in Webcam Watchdog 4.0.1a Remote Code Execution Vulnerability in Gadu-Gadu Image Send Option File Extension Spoofing Vulnerability in Gadu-Gadu: Exploiting Visual Truncation Denial of Service Vulnerability in GnuTLS 1.0.16 Default Account and Password Vulnerability in Serv-U FTP Server before 5.1.0.0 Denial of Service Vulnerability in Serv-U FTP Server 4.1 Denial of Service Vulnerability in Fastream NETFile Server 7.1.2 Unauthenticated Remote Posting Vulnerability in Sticker Messaging Privilege Escalation via Unvalidated Per-TSS IO Bitmap Pointers Unspecified Webmail Security Bug in SurgeMail before 2.2c10 Direct static code injection vulnerability in 
phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via header or footer NetCache and Data ONTAP Remote Denial of Service Vulnerability Denial of Service Vulnerability in Java Runtime Environment and Software Development Kit Cscope 15.5 Buffer Overflow Vulnerability SQL Injection Vulnerabilities in Dynix WebPAC: Remote Code Execution, Authentication Bypass, and Database Denial of Service Denial of Service Vulnerability in Secure Computing Corporation Sidewinder G2 6.1.0.01 Vulnerability: Private Key Exposure in Secure Computing Corporation Sidewinder G2 6.1.0.01 Denial of Service Vulnerability in Secure Computing Corporation Sidewinder G2 6.1.0.01 Memory Leak Vulnerabilities in Samba 3.0.6 and Earlier Versions Path Disclosure Vulnerability in NetWin SurgeMail and WebMail Cross-Site Scripting (XSS) Vulnerabilities in NetWin SurgeMail and WebMail Denial of Service Vulnerability in Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 Multiple Cross-Site Scripting (XSS) Vulnerabilities in SandSurfer before 1.7.1 Multiple SQL Injection Vulnerabilities in Layton HelpBox 3.0.1: Arbitrary SQL Command Execution and Database Manipulation Buffer Overflow in XBoard 4.2.7 and Earlier via Long -icshost Argument Unofficial umode Command Exploit Grants Global IRC Operator Privileges in Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 Arbitrary Code Execution with SYSTEM Privileges in Novell Client Firewall (NCF) 2.0 Weak Cryptography in Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME Hardcoded Credentials in NetGear WG602 Wireless Access Point Firmware Hardcoded Account Vulnerability in NetGear WG602 Wireless Access Point Potential Credential Impersonation Attack in IBM Tivoli SecureWay Policy Director and Other Products Unauthenticated Remote Access to Administrative Functionality in DokuWiki Arbitrary Code Execution in DokuWiki (pre-2004-10-19) Multiple SQL Injection Vulnerabilities in Internet Software 
Sciences Web+Center 4.0.1 Arbitrary SQL Command Execution in LBE Web Helpdesk jobedit.asp Serena TeamTrack 6.1.1 Information Disclosure and Cross-Site Scripting Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Sambar Server 6.1 Beta 2 Directory Traversal Vulnerabilities in Sambar Server 6.1 Beta 2 Cross-Site Scripting (XSS) Vulnerabilities in LiveWorld Products Multiple SQL Injection Vulnerabilities in ReciPants 1.1.1 ReciPants 1.1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities Arbitrary File Overwrite Vulnerability in ipmenu 0.0.3 Arbitrary File Access and URL Spoofing Vulnerability in Opera Multiple Buffer Overflow Vulnerabilities in EnderUNIX isoqlog 2.1.1 Information Disclosure Vulnerability in AMAX Magic Winmail Server 3.6 Remote Code Execution in phpGroupWare 0.9.14.005 and earlier via appdir parameter in tables_update.inc.php Arbitrary Web Script Injection Vulnerability in phpGroupWare 0.9.14.005 and Earlier Sensitive Information Disclosure in phpGroupWare 0.9.14.005 and Earlier Missing .htaccess File Creation in phpGroupWare 0.9.16.000 Allows Unauthorized Access to Sensitive Information Insecure acl_check Function in phpGroupWare 0.9.16RC2 Allows Unauthorized Access Plaintext Transmission of Admin and Setup Passwords in phpGroupWare Bypassing Access Control Rules in Novell iChain 2.3 via Overlong UTF-8 Encoding Novell iChain 2.3 Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in Novell iChain 2.3 via Specific String in URL Information Disclosure Vulnerability in Novell iChain 2.3 Denial of Service (DoS) Vulnerability in SmarterTools SmarterMail SMTP Service Null Byte Injection Vulnerability in SmarterTools SmarterMail Arbitrary Script Injection in SmarterMail's Check Spelling Feature Arbitrary File Read Vulnerability in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 Denial of Service Vulnerability in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 XMB 1.9 Beta (Nexus Beta) phpinfo.php Information Leak Vulnerability 
Denial of Service Vulnerability in Gaim 0.82 Unspecified Regular Expression Vulnerability in meindlSOFT Cute PHP Library (aka cphplib) 0.46 Data Overwrite Vulnerability in ButtUglySoftware CleanCache 2.19 Remote Denial of Service Vulnerability in Quake II Server Buffer Overflow Vulnerability in Quake II Server Allows Remote Code Execution Absolute Path Traversal Vulnerability in Quake II Server Before R1Q2 on Windows Quake II Server Absolute Path Traversal Vulnerability Denial of Service Vulnerability in Quake II Server Quake II Server IP Bypass Vulnerability Remote Code Execution Vulnerability in Quake II Server Buffer Overflow Vulnerabilities in Quake II Server: Local Denial of Service Exploits IPMI 1.5-based Intel Server Boards and Platforms Authentication Type Enables Vulnerability UberTec Help Center Live (HCL) PHP Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in UberTec Help Center Live (HCL) 1.2.7 and earlier versions Arbitrary Script Injection Vulnerability in UberTec Help Center Live (HCL) Search Module PHProxy index.php XSS Vulnerability Local File Overwrite Vulnerability in aStats 1.6.5 Remote Login Bypass Vulnerability in Linksys WRT54G and BEFSR41 Routers Numeric Casting Vulnerability in sdla_xfer in Linux Kernel 2.6.x and 2.4.x Insufficient Access Control in SmartWebby Smart Guest Book Allows Unauthorized Access to Administrator Credentials Vulnerability: Information Disclosure via Symantec PowerQuest DeployCenter 5.5 Boot Disks Privilege Escalation via Shell Metacharacters in mntd Configuration File Privilege Escalation Vulnerability in Sophster Suite Authentication Bypass Vulnerability in BNC 2.9.0 Unspecified vulnerability in procfs in Linux-VServer before 1.23 and 1.3.5 has unspecified impact and attack vectors Buffer Overflow Vulnerability in MyWeb 3.3 Allows Remote Code Execution World-writable permissions in CuteNews 1.3.6 and other versions allow for unauthorized news manipulation and potential privilege escalation 
Sensitive Information Disclosure via File Upload Success Message Pegasi Web Server (PWS) 0.2.2 Directory Traversal Vulnerability Arbitrary Web Script Injection in Pegasi Web Server (PWS) 0.2.2 Bypassing E-mail Protection in ripMIME 1.3.2.3 and Earlier Buffer Underflow Vulnerability in ripMIME 1.3.1.0 Race condition vulnerability in Nortel Contivity VPN Client allows for MITM attack Unauthenticated Remote Access Vulnerability in Altiris Deployment Solution User-controlled filter vulnerability in Rippy the Aggregator before 0.10 with register_globals enabled Arbitrary Script Injection in WackoWiki 3.5 TextSearch phrase Parameter Outblaze Email XSS Vulnerability: Remote Code Injection via IMG Tag Attribute Java API GUI Overlay Vulnerability in Siemens S55 Cellular Phones Allows Unauthorized SMS Message Sending J2ME Bytecode Validation Vulnerability Directory Traversal Vulnerabilities in thttpd 2.07 beta 0.4 on Windows Multiple Denial of Service Vulnerabilities in H.323 Protocol Implementation for First Virtual Communications Products Arbitrary Command Execution Vulnerability in phpMyAdmin MIME Transformation System PHP Code Execution Vulnerability in phpMyAdmin 2.5.1 up to 2.5.7 Remote Code Execution in phpMyAdmin 2.5.1 up to 2.5.7 Unspecified Remote Access Vulnerability in Sesamie 1.0 Local Privilege Escalation via Symlink Attack in IBM AIX 5.1 and 5.2 Remote Registry Access Vulnerability in McAfee Security Installer Control System 4.0.0.81 Source Code Disclosure in TinyWeb 1.9 via /./ in URL NAT Implementation Vulnerability in Zonet ZSR1104WE Wireless Router Runtime Code Version 2.41 Remote File Access Vulnerability in Admin Access With Levels Plugin in osCommerce 1.5.1 Unspecified Remote Post Creation and Modification Vulnerability in Journalness 3.0.7 and Earlier LinuxStat lstat.cgi Directory Traversal Vulnerability Denial of Service Vulnerability in Sun Fire and Netra Servers Insecure Encryption in Yeemp 0.9.9 and Earlier Allows Sender Spoofing Microsoft cabarc 
Directory Traversal Vulnerability Unspecified Vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 with Unknown Impact and Attack Vectors in ANY Type Tag Processing Unspecified Vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 with Unknown Impact and Attack Vectors in Processing CHOICE Types with Indefinite Length Structures Denial of Service Vulnerability in Free Web Chat 2.0 Denial of Service Vulnerability in Free Web Chat 2.0 Denial of Service Vulnerability in FreezeX 1.00.100.0666 URL Obfuscation Vulnerability in Eudora 6.1.0.6 Denial of Service Vulnerability in Apache Foundation James 2.2.0 Spooler Multiple Cross-Site Scripting (XSS) Vulnerabilities in YaCy before 0.32 Null Dereference Vulnerability in Snort's DecodeTCPOptions Function Privilege Escalation Vulnerability in PD9 Software MegaBBS 2.0 and 2.1 Denial of Service Vulnerability in Squid Web Proxy Cache Keyboard Focus Vulnerability in rdesktop 1.3.1 with xscreensaver 4.14 Cross-Site Scripting (XSS) Vulnerabilities in Slashcode's Search and Submit Modules Persistent User Activity Records in Mozilla Firefox Terminal Name Spoofing Vulnerability in SUSE CORE 9's resmgr Race Condition Vulnerability in Opera's Open Button Memory Leak Vulnerability in Linux Kernel 2.6.x before 2.6.10 Improper File Name Validation in Soft3304 04WebServer Allows Remote Information Disclosure Denial of Service Vulnerability in Soft3304 04WebServer Arbitrary File Creation Vulnerability in IBM Access Support eGatherer ActiveX Control 2.0.0.16 Information Disclosure Vulnerability in John Lim ADOdb Library for PHP Unspecified Denial of Service Vulnerability in HP-UX ARPA Transport Software Information Disclosure Vulnerability in Mantis Bug Tracker Arbitrary Web Script Injection Vulnerability in Lotus Domino 6.0.x and 6.5.x Arbitrary SQL Command Execution Vulnerability in Interchange before 4.8.9 Multiple SQL Injection Vulnerabilities in Land Down Under (LDU) v701 eNdonesia 8.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities 
in mod.php Information Disclosure Vulnerability in mod.php of eNdonesia 8.3 ArGoSoft FTP Server 1.4.2.2 Unspecified Vulnerability Allowing .lnk File Upload ArGoSoft FTP Server Multiple Buffer Overflow Vulnerabilities ArGoSoft FTP Server Directory Traversal Vulnerability ArGoSoft FTP Server 1.4.1.6 Denial of Service Vulnerability Privilege Escalation in Spy Sweeper Enterprise Client QwikMail SMTP Format String Vulnerability Unspecified Privilege Escalation Vulnerability in HP Tru64 UNIX 5.1B and 5.1A Information Disclosure Vulnerability in Check Point Firewall-1 4.1 up to NG AI R55 Memory Leakage in mod_python Output Filters Session Key Caching Vulnerability in PeerSec MatrixSSL Timing-based Side Channel Attack on PeerSec MatrixSSL Arbitrary File Access Vulnerability in InterSystems Cache' 5.0 Unspecified File Access Vulnerability in InterSystems Cache' 5.0 Buffer Overflow in YoungZSoft CCProxy 6.2 and Earlier via Long Address in Ping Command Solaris VFS Directory Traversal Vulnerability Unrestricted Remote Code Execution in distcc 2.x Cross-Site Scripting (XSS) Vulnerability in NewsPHP index.php Remote Code Execution Vulnerability in NewsPHP Arbitrary Code Execution via Unrestricted File Upload in NewsPHP Administration Panel Denial of Service Vulnerability in 3Com SuperStack 3 4400 Switches Remote Code Execution Vulnerability in exec_dir PHP Patch Insecure Directory Permissions in HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries Remote Code Execution Vulnerability in Microsoft Outlook Express 6.0 SQL Injection Vulnerability in Jelsoft vBulletin 3.0 through 3.0.3 via Authorize.net Callback Code Multiple User Identity Vulnerability in BEA WebLogic Server and WebLogic Express Privilege Escalation via Symlink Attack in Inventory Scout Daemon (invscoutd) Symlink Attack Vulnerability in IMWheel 1.0.0pre11 and Earlier Arbitrary Product Image Deletion Vulnerability in AspDotNetStorefront 3.3 Arbitrary File Upload Vulnerability in AspDotNetStorefront 3.3 
Arbitrary Script Injection in signin.aspx for AspDotNetStorefront 3.3 Cross-site scripting (XSS) vulnerability in login_up.php3 in Plesk 7.0 and 7.1 Reloaded Bypassing Scanning in Clearswift MIMEsweeper 5.0.5 via Encrypted Data Cross-Site Scripting (XSS) Vulnerability in Hastymail 1.0.1 and Earlier Arbitrary Account Attribute Disclosure Vulnerability in PvPGN Denial of Service Vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 Unspecified Buffer Overflow Vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.5 Plaintext Password Storage Vulnerability in Gyach Enhanced (Gyach-E) Buffer Overflow Vulnerability in strip_html_tags Method of Gyach Enhanced (Gyach-E) before 1.0.4 Buffer Overflow Vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.3: Remote Code Execution and Denial of Service Buffer Overflow Vulnerabilities in Gyach Enhanced (Gyach-E) Before 1.0.2: Remote Code Execution and Denial of Service Buffer Overflow Vulnerability in Gyach Enhanced (Gyach-E) Allows Remote Denial of Service Vulnerability: Unprotected Access to %windir%\Internet Logs\* in Zone Alarm Pro 1.0-5.1 Format String Vulnerability in Window Maker 0.80.2 and Earlier Authentication Bypass Vulnerability in PHPMyChat 0.14.5 Multiple SQL Injection Vulnerabilities in PHPMyChat 0.14.5 Arbitrary File Read Vulnerabilities in PHPMyChat 0.14.5 Sensitive Information Disclosure in PHPMyChat 0.14.5 via Unprotected setup.php3 File Buffer Overflow in UrlToLocal Function in Foxmail 5.0.300 Allows Remote Code Execution Arbitrary Web Script Injection via Email Parameter in Snitz Forums 2000 3.4.04 and Earlier Insecure Key Generation in openSkat VTMF Allows Private Key Extraction Plaintext Password Storage in Nessus 2.0.10a Plaintext Password Storage in NessusWX 1.4.4 Denial of Service Vulnerability in LionMax Software Chat Anywhere 2.72a Multiple Cross-Site Scripting (XSS) Vulnerabilities in Aztek Forum 4.0 HTTPMail Service Denial of Service Vulnerability Buffer Overflow Vulnerability in MEHTTPS 
(HTTPMail) of MailEnable Professional 1.5 through 1.7 Buffer Overflow Vulnerability in Hummingbird Connectivity FTP Server Arbitrary Code Execution Vulnerability in Hummingbird Connectivity's Inetd32 Administration Tool Privilege Escalation via Unreleased Share Mapping in Sysinternals PsTools Integer overflows in Sbus PROM driver allow arbitrary code execution Information Disclosure Vulnerability in Netbilling 2.0: Remote Access Key Exposure via nbmember.cgi Web Wiz Forums 7.7a Privilege Escalation Vulnerability Inconsistent Case Usage in Alias and Directory Tags Allows Access Control Bypass in Novell Web Manager Multiple Cross-Site Scripting (XSS) Vulnerabilities in P4DB 2.01 and Earlier Authentication Bypass in Polar HelpDesk 3.0 via Cookie Manipulation SQL Injection Vulnerability in NetSupport DNA HelpDesk 1.01 - Remote Code Execution Arbitrary Web Script Injection Vulnerability in ZeroBoard 4.1pl4 and Earlier Remote Code Execution in PHProjekt 4.2.1 and earlier via setup.php PHP Remote File Inclusion Vulnerability in PHProjekt 4.2.3 and Earlier: Arbitrary Code Execution via authform.inc.php Arbitrary Code Injection in Horde Application Framework 2.2.6 help window (help.php) Arbitrary Script Injection in Crystal Enterprise Report Viewer Arbitrary File Copy/Overwrite Vulnerability in Mega Upload Progress Bar Unspecified Security Vulnerability in Tincan Limited PHPlist before 2.8.12 Directory Traversal Vulnerability in Anteco Visual Technologies OwnServer 1.0 and Earlier SQL Injection Vulnerability in XTREME ASP Photo Gallery 2.0 Admin Login Directory Traversal Vulnerability in Quick 'n Easy FTP Server 1.77 and Earlier Versions Information Disclosure Vulnerability in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a Directory Traversal Vulnerability in 2Wire Gateway Allows Remote File Read Directory Traversal Vulnerability in JBrowser's browser.php SQL Injection Vulnerability in PostNuke Members List Module Arbitrary HTML and Script Injection in PostNuke 
Downloads Module Unspecified Local File Access Vulnerability in SharedX on HP-UX SQL Injection Vulnerability in YaBB SE 1.5.4 and Earlier Versions Arbitrary Script Injection in Symantec Web Security Arbitrary Web Script Injection Vulnerability in Xoops 2.x viewtopic.php Novell iChain Failed Login Page Cross-Site Scripting (XSS) Vulnerability Unspecified Denial of Service Vulnerabilities in Sun SunForum 3.2 and 3D 1.0 H.323 Protocol Implementation Vulnerability: Local Users Can Access Deleted File Data in Sparse Files in Sun StorEdge QFS and SAM-QFS File Systems OpenSSH 3.5p1 Vulnerability: TCP Connection Closure Discrepancy on Root Login Attempts MD5 Message-Digest Algorithm Vulnerability: Spoofing Attacks on X.509 Certificates Denial of Service Vulnerability in IBM Tivoli Storage Manager (TSM) Server Cross-Site Tracing (XST) Vulnerability in Sun ONE/iPlanet Web Server XML Sniffing Vulnerability in Sun SDK and Java Runtime Environment (JRE) 1.4.0 - 1.4.2_04 Cross-site scripting (XSS) vulnerability in Sun ONE Messaging Server and iPlanet Messaging Server Unspecified Remote Access Vulnerability in Sun ONE Messaging Server and iPlanet Messaging Server Denial of Service Vulnerability in NWFTPD.nlm FTP Server in Novell NetWare Privilege Escalation via Insecure Metadata Reset in dpkg 1.9.21 Cerberus FTP Server 4.0.3.0 and Earlier: Hidden File Listing Vulnerability Arbitrary Command Execution via Shell Metacharacters in Email Address Arbitrary Command Execution in GoScript 2.0 via go.cgi Vulnerability: Default and Weak Passwords in GE Healthcare Centricity Image Vault 3.x Inconsistent Directory and File Permissions in Gentoo Ebuilds Denial-of-Service (DoS) Vulnerability in libid3tag through 0.15.1b