December 31, 2005

Cyber Security Bulletin 2005 Summary

US-CERT Cyber Security Bulletin SB2005 -- Cyber Security Bulletin 2005 Summary

Information in the US-CERT Cyber Security Bulletin is a compilation and includes information published by outside sources, so the information should not be considered the result of US-CERT analysis. Software vulnerabilities are categorized in the appropriate section reflecting the operating system on which the vulnerability was reported; however, this does not mean that the vulnerability only affects the operating system reported since this information is obtained from open-source information.

This bulletin provides a year-end summary of software vulnerabilities that were identified between January 2005 and December 2005. The information is presented only as an index with links to the US-CERT Cyber Security Bulletin the information was published in. There were 5198 reported vulnerabilities: 812 Windows operating system vulnerabilities; 2328 Unix/Linux operating system vulnerabilities; and 2058 Multiple operating system vulnerabilities.

Vulnerabilities

* Windows Operating System
* Unix/Linux Operating System
* Multiple Operating System


Windows Operating Systems

* 1Two Livre d'Or Input Validation Errors Permit Cross-Site Scripting
* 3Com 3CDaemon Multiple Remote Vulnerabilities
* 3Com 3CDaemon Multiple Remote Vulnerabilities (Updated)
* 3Com 3CDaemon Multiple Remote Vulnerabilities (Updated)
* 3Com 3CServer FTP Command Buffer Overflows
* 3Com Network Supervisor File Disclosure
* 7-Zip Arbitrary Code Execution
* Aaron Outpost ASP Inline Corporate Calendar Permits Remote SQL Injection
* Absolute Image Gallery XE Cross-Site Scripting
* Absolute Shopping Package Solutions Shopping Cart Cross-Site Scripting
* Access Remote PC Password Disclosure
* Acidcat CMS SQL Injection Vulnerability
* ACNews Information Disclosure
* Acoo Browser Javascript Spoofing
* Acrobat Reader Invalid-ID-Handle-Error Remote Code Execution Vulnerability
* Active News Manager Username and Password SQL Injection
* ActiveBuyandSell SQL Injection and Cross-Site Scripting
* ActiveWeb Active Auction House SQL Injection and Cross-Site Scripting Vulnerability
* Acuity CMS Cross-Site Scripting
* Acute Website Incorporated PeerFTP_5 FTP Password Disclosure
* Adaptive Hosting Solutions ProductCart Cross-Site Scripting and SQL Injection Vulnerabilities
* Adobe Acrobat and Reader File Discovery
* Adobe Acrobat and Reader File Discovery (Updated)
* Adobe Acrobat Reader Invalid-ID-Handle-Error Remote Code Execution (Updated)
* Adobe License Management Service Elevated Privilege Vulnerability
* Adobe SVG Viewer Lets Remote Users Determine if Files Exist
* Advanced Browser Javascript Spoofing
* Advanced Communications Hosting Controller Lets Remote Users Create User and Host Accounts
* Adventia Chat Cross-Site Scripting Vulnerabilities
* aeNovo Information Disclosure
* aeNovo SQL Injection or Cross-Site Scripting
* A-FAQ SQL Injection
* AhnLab V3 Antivirus Arbitrary Code Execution
* AhnLab V3 DeviceIoControl Multiple Vulnerabilities
* Allinta Cross-Site Scripting
* Altiris Deployment Solution AClient Security Bypass
* Alt-N MDaemon and WorldClient Denial of Service
* Alt-N MDaemon Directory Traversal and Arbitrary File Writing
* Alt-N Technologies MDaemon Denial of Service
* Alt-N WebAdmin Multiple Remote Vulnerabilities
* ALWIL avast! antivirus May Fail to Detect Certain Viruses
* ALWIL Software Avast! Antivirus Aavmker4 Device Driver Elevated Privileges
* ALZip Arbitrary Code Execution
* ALZip Unauthorized System Control
* AM Browser Javascript Spoofing
* AMAX Information Technologies, Inc. Magic Winmail Server Input Validation
* Amp II 3D Game Engine Remote Denial of Service
* AN HTTP Server 'cmdIS.DLL' Buffer Overflow Arbitrary Code Execution and Cross-Site Scripting Vulnerability
* AOL Instant Messenger Buddy Icon Remote Denial of Service (Updated)
* AOL Instant Messenger Smiley Icon Location Remote Denial Of Service Vulnerability
* APG Technology ClassMaster Folder Access Vulnerability
* Apple Darwin Streaming Server Denial of Service
* Apple iTunes Arbitrary Code Execution
* Apple QuickTime for Windows Denial of Service Vulnerability
* Apple 'quicktime.qts' Error in Parsing 'qtif' Images Remote Denial of Service
* Ares Arbitrary Code Execution
* ArGoSoft FTP Server 'DELE' Command Remote Buffer Overflow
* ArGoSoft FTP Server 'DELE' Command Remote Buffer Overflow (Updated)
* ArGoSoft FTP Server Discloses Username Status to Remote Users
* ArGoSoft FTP Server 'SITE COPY' Shortcut File
* Argosoft Mail Server Cross-Site Scripting and Script Insertion Vulnerabilities
* ArGoSoft Mail Server Directory Traversals
* ASP Fast Forum Cross Site Scripting
* ASP Knowledgebase SQL Injection Vulnerability
* ASP Nuke SQL Injection and Cross Site Scripting
* Asp Press ACS Blog Access Vulnerability
* ASP Resources Forum SQL Injection
* ASPBB Information Disclosure
* aspclick.it ACNews Administrative Access Vulnerability
* ASP-DEV XM Forum Cross Site Scripting
* ASP-DEv XM Forum Cross-Site Scripting Vulnerability
* ASPJar Guestbook Input Validation
* ASPjar Guestbook SQL Injection
* ASPMForum SQL Injection
* ASPNuke Cross Site Scripting
* ASPPlayground .NET Arbitrary Upload
* asppress ACS Blog Cross-Site Scripting Vulnerability
* aspReady FAQ Manager SQL Injection
* ASP-Rider SQL Injection
* Asus VideoSecurity Online Directory Traversal or Information Disclosure
* atrium software Mercur Messaging Multiple Vulnerabilities
* Avant Browser Dialog Box Origin Spoofing
* Avast! antivirus Arbitrary Code Execution
* Avaya CMS FTP Daemon Wildcard Denial of Service
* AVIRA Antivirus Arbitrary Code Execution
* BakBone NetVault Buffer Overflows Permit Remote Code Execution
* Befriendly.com Einstein Password Disclosure
* BFCommand & Control Server Managers Multiple Vulnerabilities
* BisonFTP Server Denial of Service
* BitDefender Anti-Virus Arbitrary Code Execution or Privilege Elevation
* Bjornar Henden 'Yet Another Forum.net' Input Validation Errors Permits Cross-Site Scripting
* BK Forum SQL Injection Vulnerability
* Black Cactus Warrior Kings Denial of Service and Format String Vulnerabilities
* BlueCollar Productions i-Gallery Cross-Site Scripting & Directory Traversal
* BlueWhaleCRM SQL Injection
* Bontago Game Server Nickname Remote Buffer Overflow
* Brat Designs Breed Remote Denial of Service
* BrightStor ARCserve Backup Arbitrary Code Execution or Denial of Service
* BrightStor ARCserve Backup Discovery Service Buffer Overflow
* bttlxeForum Discloses Installation Path to Remote Users
* Bugtracker.NET Unspecified SQL Injection Vulnerabilities
* BulletProof FTP Server Privilege Escalation
* Bungie Studios Halo: Combat Evolved Denial of Service Vulnerability
* Captaris Infinite Mobile Delivery Input Validation
* Capturix ScanShare Password Disclosure
* CartWIZ Cross Site Scripting
* CartWIZ Cross Site Scripting or SQL Injection
* Centra Profile Script Insertion Vulnerability
* Centrinity FirstClass Bookmark Input File Execution Vulnerability
* Cerberus FTP Server Denial of Service
* Cerulean Studios Trillian Insecure Image Data Remote Buffer Overflow
* Cerulean Studios Trillian Remote Code Execution Vulnerability
* Cerulean Studios Trillian User Information Disclosure
* CF_Nuke Cross-Site Scripting or Information Disclosure
* Chris Moneymaker's World Poker Championship Arbitrary Code Execution
* CIS WebServer Remote Directory Traversal
* Cisco Security Agent Elevated Privileges
* CiscoWorks Information Spoofing or Disclosure
* Citrix MetaFrame Conferencing Manager Access Control Vulnerability
* Citrix MetaFrame Secure Access Manager and NFuse Elite Cross-Site Scripting
* Citrix MetaFrame Security Restriction Bypassing
* Citrix Program Neighborhood Agent Two Vulnerabilities
* Citrix Program Neighborhood Client Information Disclosure
* ClearSwift MIMEsweeper Arbitrary Code Injection
* Clever's Games Terminator 3: War of the Machines Remote Buffer Overflow & Denial of Service
* Code Ocean Ocean FTP Server Multiple Connections Denial of Service
* Comersus BackOffice Multiple Vulnerabilities
* Comersus BackOffice Plus Cross-Site Scripting
* Comersus Cart Cross Site Scripting or SQL Injection
* Comersus Cart Multiple Vulnerabilities
* Comersus Cross-Site Scripting Vulnerability
* Comersus Cross-Site Scripting Vulnerability
* Community Server Cross Site Scripting
* Community Server Forums Cross Site Scripting
* Computalynx CProxy Directory Traversal & Remote Denial of Service
* Computer Associates eTrust Antivirus Integer Overflow in Processing Microsoft OLE Data Lets Remote Users Execute Arbitrary Code
* Computer Associates eTrust Intrusion Detection Denial of Service Vulnerability
* Computer Associates Unicenter Asset Management Multiple Vulnerabilities
* Computer Knacks, Inc. SendLink Password Disclosure
* Compuware DriverStudio Privilege Elevation or Arbitrary Code Execution
* Compuware Softice 'DbgMsg.sys' Remote Denial of Service
* CoolCafe 'login.asp' SQL Injection & Information Disclosure
* Cosminexus Collaboration and Groupmax Collaboration Cross-Site Scripting or Denial of Service
* Crazy Browser Javascript Spoofing
* Crob FTP Server Buffer Overflow Vulnerabilities
* Crystal FTP Pro Buffer Overflow (Updated)
* Crystal Reports/ Business Objects Enterprise Server Denial of Service
* CSystems WebArchiveX Arbitrary File Access
* Cybration ICUII Password Disclosure
* DameWare Arbitrary Code Execution
* DameWare Mini Remote Control Privilege Escalation Vulnerability
* DameWare Password Disclosure Vulnerability
* Darrel O'Neil ASP Virtual News Remote SQL Injection Vulnerability
* Dead Pirate Software SimpleCam Directory Traversal Flaw
* DelphiTurk CodeBank (KodBank) Elevated Privileges
* DelphiTurk CodeBank Password Disclosure
* DelphiTurk FTP Information Disclosure
* DG Remote Control Server Denial of Service
* Digger Solutions Intranet Open Source SQL Injection
* DivX Player Skin File Directory Traversal
* DotNetNuke Script Insertion Vulnerabilities
* Doug Luxem Liberum Help Desk "id" SQL Injection Vulnerability
* DVBBS Cross Site Scripting
* DzSoft PHP Editor Denial of Service
* Early Impact ProductCart Input Validation Flaws in Lets Remote Users Inject SQL Commands
* Ecomm Professional Guestbook "AdminPWD" SQL Injection
* Ecomm Professional Shopping Cart SQL Injection Vulnerability
* ECW-Cart Cross-Site Scripting
* Elemental Software CartWIZ SQL Injection and Cross-Site Scripting Vulnerability
* EnCase Device Configuration Overlay Data Acquisition Vulnerability
* enVivo!soft enVivo!CMS SQL Injection and Privilege Escalation
* ePolicy Information Disclosure and Privilege Elevation
* E-POST SPA-PRO Mail @Solomon IMAP Directory Traversal and Buffer Overflow
* e-Quick Cart Multiple Vulnerabilities
* Eset NOD32 Arbitrary Code Execution
* Eternal Lines Web Server Remote Denial of Service
* Eternal Lines Web Server Remote Denial of Service (Updated)
* Eudora WorldMail Server Information Disclosure
* Eurofull E-Commerce 'mensresp.asp' Cross-Site Scripting
* exdwc NewsletterEz Input Validation Vulnerability Lets Remote Users Inject SQL Commands
* eXeem Password Disclosure
* ExoticSoft FilePocket Password Disclosure
* exploitlabs WebcamXP User Redirection and Denial of Service Vulnerability
* Fast Browser Pro Javascript Spoofing
* Fastream NETFile FTP/Web Server FTP Bounce Vulnerability
* Fastream NETFile Server File Creation Vulnerability
* FastStone 4in1 Browser Information Disclosure Vulnerability
* File Transfer Anywhere Passwords Disclosure
* FileZilla Server Denial of Service
* FileZilla Server Terminal Privilege Elevation or Arbitrary Code Execution
* Firefly Studios Stronghold 2 Remote Denial of Service
* FL Studio Arbitrary Code Execution
* Fortibus CMS SQL Injection & Information Modification
* forumKIT Cross-Site Scripting
* Foxmail 'MAIL FROM:' Remote Buffer Overflow
* Free SMTP Server As Open Relay
* Freeftpd Denial of Service
* freeFTPd Denial of Service
* F-Secure Anti-Virus for Exchange and Internet Gatekeeper Directory Traversal
* F-Secure ARJ Archive Buffer Overflow
* FTGate Denial of Service or Arbitrary Code Execution
* FTPshell Server Denial of Service
* FUN labs Games Denial of Service Vulnerability
* Funduc Search and Replace Buffer Overflow
* FutureSoft TFTP Server 2000 Directory Traversal & Buffer Overflows
* Gaim File Transfer Remote Denial of Service
* GASoft Gurgens Guest Book Discloses Database and Passwords to Remote Users
* GASoft Ultimate Forum Discloses Database and Passwords to Remote Users
* GD Software SD Server Directory Traversal
* Gene6 FTP Server Insecure Critical Functionality
* GeoVision Digital Video Surveillance System Authentication Bypass
* GFI LANguard Network Security Scanner Password Disclosure
* GFi MailEssentials Denial of Service Vulnerability
* GFI MailSecurity Arbitrary Code Execution or Denial of Service
* GlobalScape CuteFTP Multiple Command Response Buffer Overflow (Updated)
* GlobalSCAPE Secure FTP Server Buffer Overflow Lets Remote Users Execute Arbitrary Code
* GlobalSCAPE Secure FTP Server Buffer Overflow Lets Remote Users Execute Arbitrary Code (Updated)
* GNU DC++ Arbitrary Files Modification Vulnerability
* GNU FileZilla Server Denial of Service Vulnerabilities
* GNU Maxthon Security ID Disclosure Vulnerability
* GNU MyServer Directory Listing and Cross-Site Scripting Vulnerability
* Golden FTP Server File and Path Disclosure
* GoodTech Systems GoodTech SMTP Server "RCPT TO" Denial of Service Vulnerability
* GoodTech Systems Telnet Server for Windows NT/2000/XP/2003 Remote Buffer Overflow
* GoodTech's SMTP Server Arbitrary Code Execution
* Google Talk Denial Of Service
* GoSurf Browser Javascript Spoofing
* Gracebyte Network Assistant Remote Denial of Service
* GraphOn GO-Global For Windows Denial of Service or Arbitrary Code Execution
* Groove Virtual Office / Workspace Multiple Vulnerabilities
* Halocon Remote Denial of Service
* Handy Address Book Server Cross-Site Scripting
* Handy Address Book Server Cross-Site Scripting (Updated)
* Hauri Arbitrary Code Execution
* Hitachi Multiple Hibun Products Security Restriction Bypass
* Home FTP Server Arbitrary File Access
* Hosting Controller Credit Modification or Account Creation
* Hosting Controller Error.ASP Cross Site Scripting
* Hosting Controller Information Disclosure
* Hosting Controller Multiple Information Disclosure
* Hosting Controller Multiple Vulnerabilities
* Hosting Controller 'resellerresources.asp' SQL Injection
* Hosting Controller 'UserProfile.asp' Authentication Bypass
* HP VCRM Password Disclosure
* HTMLJunction EZGuestbook Discloses Database to Remote Users
* Hyper Estraier Information Disclosure
* IA eMailServer Denial of Service
* Iatek PortalApp Cross-Site Scripting Vulnerabilities
* Iatek PortalApp SQL Injection and Cross-Site Scripting Vulnerabilities
* Iatek SiteEnable SQL Command Injection and Cross-Site Scripting Vulnerabilities
* IBM DB2 Denial of Service & Information Disclosure
* IBM Rational ClearQuest Multiple Cross-Site Scripting
* IBM WebSphere Application Server File Servlet Source Code Disclosure
* IBM WebSphere Application Server JSP Engine Source Code Disclosure
* IceWarp Web Mail Cross Site Scripting or Directory Traversal
* IceWarp Web Mail Multiple Remote
* IceWarp Web Mail Multiple Remote Vulnerabilities (Updated)
* iCMS Cross-Site Scripting or SQL Injection
* IISWorks ASPKnowledgeBase Cross-Site Scripting
* IISWorks.com ASP KnowledgeBase Database Disclosure
* IISWorks.com ASP Webmail Database Disclosure
* IISWorks.com Fileman Database Disclosure
* IISWorks.com ListPics Database Disclosure
* IMRadio Password Disclosure
* INCA nProtect Gameguard Unauthorized Read/Write Access
* INCA nProtect Gameguard Unauthorized Read/Write Access (Updated)
* India Software Solution Shopping Cart 'signin.asp' SQL Injection
* Indiatimes Messenger Denial of Service
* InnerMedia DynaZip Arbitrary Code Execution
* Internet Explorer Arbitrary Code Execution
* Intersoft NetTerm Remote Code Execution (Updated)
* Ipswitch IMail Server IMAP EXAMINE Command Remote Buffer Overflow
* Ipswitch IMail Server Multiple Vulnerabilities
* Ipswitch IMail Server Multiple Vulnerabilities (Updated)
* Ipswitch IMail Server Remote Buffer Overflow (Updated)
* Ipswitch IMailMailEnable Denial of Service
* Ipswitch WhatsUp Multiple Vulnerabilities
* Ipswitch WhatsUp Professional SQL Injection Vulnerability
* Ivory.org Whisper 32 Password Disclosure
* IVT BlueSoleil Directory Traversal Vulnerability
* Jeuce Personal Web Server Directory Traversal & Denial of Service
* Jeuce Personal Web Server Remote Denial of Service
* JiRo's Upload System Input Validation Vulnerability Lets Remote Users Inject SQL Commands
* JoWood Chaser Remote Buffer Overflow
* JoWood Productions Soldner Secret Wars Multiple Remote Vulnerabilities
* JView Profiler Arbitrary Code Execution
* KarjaSoft Sami HTTP Server Input Validation Holes
* Kaspersky Anti-Virus Klif.Sys Privilege Escalation Vulnerability
* Kerio Personal Firewall Access Vulnerability
* Kerio Personal Firewall and Server Firewall Denial of Service
* Kerio Products Password Brute Force and Denial of Service
* Kerio WinRoute Firewall Security Restriction Bypassing
* Keyvan1 ImageGallery Information Disclosure Vulnerability
* KF Web Server Directory Listings Disclosure
* KillProcess Arbitrary Code Execution
* K-Meleon Denial of Service
* K-Meleon Denial of Service (Update)
* Kmint Software Golden FTP Server 'USER' Remote Buffer Overflow
* KMiNT21 Software Golden FTP Server RNTO Command Buffer Overflow
* KMiNT21 Software Golden FTP Server RNTO Command Buffer Overflow (Updated)
* LeapFTP Arbitrary Code Execution
* Lightspeed Technologies DeluxeFTP Information Disclosure Vulnerability
* LionMax Software Chat Anywhere Password Disclosure
* livingmailing Input Validation Hole Lets Remote Users Inject SQL Commands
* LocazoList Classifieds Cross-Site Scripting
* LogiSphere Denial of Service
* Loki Download Manager SQL Injection
* LS Games War Times Denial of Service
* M. Dev Software ZipGenius Remote File Creation Vulnerability
* Macallan Mail Solution Denial of Service Vulnerability
* Macromedia Breeze Communication Server Denial of Service
* Macromedia Breeze Information Disclosure
* Macromedia Contribute Publishing Server Information disclosure
* Macromedia Products eLicensing Function Escalated Privilege Vulnerability
* Magnus Lundvall Yawcam Information Disclosure Vulnerability
* MailEnable Arbitrary Code Execution
* MailEnable Arbitrary Code Execution
* MailEnable Arbitrary Code Execution
* MailEnable Arbitrary Code Execution (Updated)
* MailEnable Arbitrary Code Execution or Denial of Service
* MailEnable Denial of Service
* MailEnable Denial of Service
* MailEnable Denial of Service Vulnerability
* MailEnable HTTPMail Vulnerability
* MailEnable IMAP "LOGIN" Command Buffer Overflow Vulnerability
* MailEnable Professional Arbitrary Code Execution
* MailEnable Standard SMTP Format String Vulnerability
* MailEnable Unspecified SMTP Authentication Denial of Service
* MailSite Express Arbitrary Code Execution
* Mall23 SQL Injection
* Mall23 SQL Injection (Updated)
* Massimiliano Montoro Cain Abel Buffer Overflow Causes Remote Code Execution
* MaxWebPortal Cross-Site Scripting and SQL Injection
* MaxWebPortal Input Validation Hole in 'password.asp' Permits SQL Injection
* MaxWebPortal SQL Injection and Cross-Site Scripting Vulnerabilities
* MaxWebPortal SQL Injection and Privilege Escalation
* McAfee Internet Security Suite Elevated Privilege Vulnerability
* McAfee IntruShield Security Management System Cross Site Scripting & Information Disclosure
* McAfee Security Management System Elevated Privileges or Cross Site Scripting
* Media Online Store Portal SQL Injection Vulnerability
* Media2 CMS Shop SQL Injection
* Merak Mail Server Arbitrary File Access
* Mercury Mail Arbitrary Code Execution
* MercurySteam Scrapland Game Server Remote Denials of Service
* Metalinks MetaBid Three SQL Injection Vulnerabilities
* Metalinks MetaCart Multiple SQL Injection Vulnerabilities
* Microsoft ActiveSync Information Disclosure or Denial of Service
* Microsoft Agent Could Allow Spoofing
* Microsoft Agent Could Allow Spoofing
* Microsoft ASP.NET Canonicalization (Updated)
* Microsoft ASP.NET Canonicalization (Updated)
* Microsoft ASP.NET Canonicalization (Updated)
* Microsoft ASP.NET Canonicalization (Updated)
* Microsoft ASP.NET Unicode Character Conversion Multiple Cross-Site Scripting
* Microsoft ASP.NET ViewState Denial of Service and Security Bypass
* Microsoft Client Service for NetWare Arbitrary Code Execution
* Microsoft Client Service for NetWare Arbitrary Code Execution (Updated)
* Microsoft Collaboration Data Objects Arbitrary Code Execution
* Microsoft DirectX DirectShow Arbitrary Code Execution
* Microsoft DirectX DirectShow Arbitrary Code Execution (Updated)
* Microsoft DirectX DirectShow Arbitrary Code Execution (Updated)
* Microsoft DirectX DirectShow Arbitrary Code Execution (Updated)
* Microsoft DirectX DirectShow Arbitrary Code Execution (Updated)
* Microsoft DirectX DirectShow Arbitrary Code Execution (Updated)
* Microsoft Excel Arbitrary Code Execution
* Microsoft Exchange Server 2003 Denial of Service
* Microsoft Exchange Server Nested Subfolders Remote Denial of Service
* Microsoft Exchange Server Remote Code Execution Vulnerability
* Microsoft Exchange Server Remote Code Execution Vulnerability (Updated)
* Microsoft Exchange Server Remote Code Execution Vulnerability (Updated)
* Microsoft FrontPage 2000 DAV File Upload
* Microsoft FrontPage Denial of Service
* Microsoft HTML Help Could Allow Remote Code Execution
* Microsoft IIS Denial of Service
* Microsoft Internet Explorer AddChannel Cross-Zone Scripting
* Microsoft Internet Explorer Arbitrary Code Execution
* Microsoft Internet Explorer Arbitrary Code Execution
* Microsoft Internet Explorer Arbitrary Code Execution
* Microsoft Internet Explorer Arbitrary Code Execution
* Microsoft Internet Explorer Arbitrary Code Execution
* Microsoft Internet Explorer Arbitrary Code Execution
* Microsoft Internet Explorer Arbitrary Code Execution (Updated)
* Microsoft Internet Explorer Arbitrary Code Execution (Updated)
* Microsoft Internet Explorer Arbitrary Code Execution (Updated)
* Microsoft Internet Explorer Arbitrary Code Execution (Updated)
* Microsoft Internet Explorer Arbitrary Code Execution (Updated)
* Microsoft Internet Explorer Arbitrary Code Execution (Updated)
* Microsoft Internet Explorer Could Allow Remote Code Execution
* Microsoft Internet Explorer Denial of Service
* Microsoft Internet Explorer Denial of Service
* Microsoft Internet Explorer Denial of Service (Updated)
* Microsoft Internet Explorer DHTML Edit Control Script Injection (Updated)
* Microsoft Internet Explorer DHTML Edit Control Script Injection (Updated)
* Microsoft Internet Explorer DHTML Edit Control Script Injection (Updated)
* Microsoft Internet Explorer Dialog Origin Spoofing Vulnerability
* Microsoft Internet Explorer Dialog Origin Spoofing Vulnerability (Updated)
* Microsoft Internet Explorer Dynamic IFRAME Security Bypass
* Microsoft Internet Explorer Favorites List
* Microsoft Internet Explorer FTP Download Directory Traversal
* Microsoft Internet Explorer HREF Tag Mouse Event
* Microsoft Internet Explorer Information Disclosure
* Microsoft Internet Explorer Information Disclosure
* Microsoft Internet Explorer Information Disclosure (Updated)
* Microsoft Internet Explorer JavaScript OnLoad Handler Remote Denial of Service
* Microsoft Internet Explorer Lets Remote Users Hide Scripting Code
* Microsoft Internet Explorer Malformed 'File:' URI Denial of Service
* Microsoft Internet Explorer MSHTML.DLL CSS Handling Remote Denial of Service
* Microsoft Internet Explorer Remote Code Execution Vulnerability
* Microsoft Internet Explorer Remote Code Execution Vulnerability (Updated)
* Microsoft Internet Explorer Remote Information Disclosure
* Microsoft Internet Explorer Restricted Sites Malformed URI Remote Denial of Service
* Microsoft Internet Explorer Script-initiated Pop-up Windows Spoofing
* Microsoft Internet Explorer Unauthorized Access
* Microsoft Internet Explorer Unauthorized Access (Updated)
* Microsoft Internet Explorer Unauthorized Access (Updated)
* Microsoft Internet Explorer Unauthorized Access (Updated)
* Microsoft Internet Explorer Vulnerabilities
* Microsoft Internet Explorer Vulnerabilities (Updated)
* Microsoft Internet Explorer Web Folder Behaviors Information Disclosure or Arbitrary Code Execution
* Microsoft Internet Information Server HTTP Response Smuggling
* Microsoft IPV6 TCPIP Loopback LAND Denial of Service Vulnerability
* Microsoft ISA Access and Elevation of Privilege Vulnerabilities
* Microsoft ISA Server in SecureNAT Configuration Denial of Service
* Microsoft Jet Database Remote Code Execution Vulnerability
* Microsoft Jet Database Remote Code Execution Vulnerability (Updated)
* Microsoft Jet Database Remote Code Execution Vulnerability (Updated)
* Microsoft JView Profiler Arbitrary Code Execution (Updated)
* Microsoft Log Sink Class ActiveX Control
* Microsoft Media Player & Windows/MSN Messenger PNG Processing
* Microsoft Media Player & Windows/MSN Messenger PNG Processing (Updated)
* Microsoft Media Player & Windows/MSN Messenger PNG Processing (Updated)
* Microsoft Media Player & Windows/MSN Messenger PNG Processing (Updated)
* Microsoft Media Player & Windows/MSN Messenger PNG Processing (Updated)
* Microsoft Media Player & Windows/MSN Messenger PNG Processing (Updated)
* Microsoft MSN Messenger / Internet Explorer Application Crash
* Microsoft MSN Messenger Remote Code Execution Vulnerability
* Microsoft MSN Messenger Remote Code Execution Vulnerability (Updated)
* Microsoft MSRPC Information Disclosure
* Microsoft NetDDE Remote Code Execution (Updated)
* Microsoft Network Connection Manager Denial of Service
* Microsoft Network Connection Manager Denial of Service (Updated)
* Microsoft Office Denial of Service
* Microsoft Office InfoPath 2003 Information Disclosure Vulnerability
* Microsoft Office RC4 Stream Cipher
* Microsoft Office URL File Location Handling Buffer Overflow
* Microsoft Office URL File Location Handling Buffer Overflow (Updated)
* Microsoft Office URL File Location Handling Buffer Overflow (Updated)
* Microsoft Office URL File Location Handling Buffer Overflow (Updated)
* Microsoft Outlook 2002 Connector For IBM Lotus Domino Policy Bypass Vulnerability
* Microsoft Outlook and Outlook Web Access Email Spoofing Vulnerability
* Microsoft Outlook Express Could Allow Remote Code Execution
* Microsoft Outlook Express Could Allow Remote Code Execution (Updated)
* Microsoft Outlook Express Could Allow Remote Code Execution (Updated)
* Microsoft Outlook Express Information Disclosure or System Crash
* Microsoft Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks
* Microsoft Outlook Web Access URI Redirection
* Microsoft Plug and Play Arbitrary Code Execution or Elevated Privileges
* Microsoft Plug and Play Arbitrary Code Execution or Elevated Privileges (Updated)
* Microsoft Plug and Play Arbitrary Code Execution or Elevated Privileges (Updated)
* Microsoft Remote Desktop Protocol Denial of Service
* Microsoft Server Message Block Could Allow Remote Code Execution
* Microsoft SMTP Remote Code Execution (Updated)
* Microsoft SMTP Remote Code Execution (Updated)
* Microsoft SQL Server 2000 Multiple Vulnerabilities
* Microsoft Step-by-Step Interactive Training Could Allow Remote Code Execution
* Microsoft Telephony Service Remote Code Execution
* Microsoft Telnet Client Could Allow Information Disclosure
* Microsoft Update Rollup 1 for Windows 2000 SP4
* Microsoft Web Client Service Could Allow Remote Code Execution
* Microsoft Windows 2000 Group Restriction Bypass
* Microsoft Windows ANI File Parsing Errors (Updated)
* Microsoft Windows ANI File Parsing Errors (Updated)
* Microsoft Windows ANI File Parsing Errors (Updated)
* Microsoft Windows ANI File Parsing Errors (Updated)
* Microsoft Windows ANI File Parsing Errors (Updated)
* Microsoft Windows ANI File Parsing Errors (Updated)
* Microsoft Windows ANI File Parsing Errors (Updated)
* Microsoft Windows Color Management Module Buffer Overflow or Arbitrary Code Execution
* Microsoft Windows Color Management Module Buffer Overflow or Arbitrary Code Execution (Updated)
* Microsoft Windows CreateRemoteThread Denial of Service
* Microsoft Windows Drag and Drop
* Microsoft Windows EMF File Denial of Service Vulnerability
* Microsoft Windows EMF File Denial of Service Vulnerability (Updated)
* Microsoft Windows Explorer and Internet Explorer Denial of Service Vulnerability
* Microsoft Windows Explorer Preview Pane Script Injection Vulnerability
* Microsoft Windows Explorer Preview Pane Script Injection Vulnerability (Updated)
* Microsoft Windows FTP Client Arbitrary File Control
* Microsoft Windows FTP Client Arbitrary File Control (Updated)
* Microsoft Windows Graphics Rendering Engine Arbitrary Code Execution
* Microsoft Windows HTML Help ActiveX Control
* Microsoft Windows HTML Help ActiveX Control (Updated)
* Microsoft Windows Hyperlink Object Library Buffer Overflow
* Microsoft Windows Hyperlink Object Library Buffer Overflow (Updated)
* Microsoft Windows Hyperlink Object Library Buffer Overflow (Updated)
* Microsoft Windows Image Rendering Denial of Service Vulnerability
* Microsoft Windows Indexing Service Buffer Overflow
* Microsoft Windows Indexing Service Buffer Overflow (Updated)
* Microsoft Windows Kerberos PKINIT Information Disclosure or Denial of Service
* Microsoft Windows Kerberos PKINIT Information Disclosure or Denial of Service
* Microsoft Windows Kernel Denial Of Service
* Microsoft Windows Kernel Elevation of Privilege and Denial of Service Vulnerabilities
* Microsoft Windows Kernel Elevation of Privilege and Denial of Service Vulnerabilities (Updated)
* Microsoft Windows Kernel Elevation of Privilege and Denial of Service Vulnerabilities (Updated)
* Microsoft Windows LAND Attack Remote Denial of Service
* Microsoft Windows License Logging Service Buffer Overflow
* Microsoft Windows License Logging Service Buffer Overflow (Updated)
* Microsoft Windows License Logging Service Buffer Overflow (Updated)
* Microsoft Windows License Logging Service Buffer Overflow (Updated)
* Microsoft Windows License Logging Service Buffer Overflow (Updated)
* Microsoft Windows LoadImage API Buffer Overflow (Updated)
* Microsoft Windows LoadImage API Buffer Overflow (Updated)
* Microsoft Windows LoadImage API Buffer Overflow (Updated)
* Microsoft Windows Local Denial Of Service Vulnerability
* Microsoft Windows Media Player May Allow Redirection
* Microsoft Windows Message Queuing Remote Code Execution Vulnerability
* Microsoft Windows Message Queuing Remote Code Execution Vulnerability (Updated)
* Microsoft Windows Message Queuing Remote Code Execution Vulnerability (Updated)
* Microsoft Windows MSDTC and COM+ Privilege Elevation, Arbitrary Code Execution, or Denial of Service
* Microsoft Windows MSDTC and COM+ Privilege Elevation, Arbitrary Code Execution, or Denial of Service (Updated)
* Microsoft Windows MSDTC and COM+ Privilege Elevation, Arbitrary Code Execution, or Denial of Service (Updated)
* Microsoft Windows MSDTC and COM+ Privilege Elevation, Arbitrary Code Execution, or Denial of Service (Updated)
* Microsoft Windows Network Connections Manager Library Denial of Service
* Microsoft Windows NTFS File Block Initialization
* Microsoft Windows OLE / COM Remote Code Execution
* Microsoft Windows Plug and Play Arbitrary Code Execution
* Microsoft Windows Plug and Play Arbitrary Code Execution (Updated)
* Microsoft Windows Plug and Play Arbitrary Code Execution (Updated)
* Microsoft Windows Print Spooler Arbitrary Code Execution
* Microsoft Windows Privilege Elevation
* Microsoft Windows Privilege Elevation (Updated)
* Microsoft Windows Remote Desktop Denial of Service
* Microsoft Windows Remote Desktop Protocol Private Key Disclosure
* Microsoft Windows Remote Desktop Protocol Server Private Key Disclosure
* Microsoft Windows Remote Desktop 'TSShutdn.exe' Denial of Service Vulnerability
* Microsoft Windows Resource Kit 'w3who.dll' Buffer Overflow & Input Validation (Updated)
* Microsoft Windows Server 2003 Local Denial of Service Vulnerabilities
* Microsoft Windows SharePoint Services Cross-Site Scripting & Spoofing
* Microsoft Windows SharePoint Services Cross-Site Scripting & Spoofing (Updated)
* Microsoft Windows Shell Arbitrary Code Execution
* Microsoft Windows Shell Arbitrary Code Execution (Updated)
* Microsoft Windows Shell Remote Code Execution (Updated)
* Microsoft Windows Shell Remote Code Execution Vulnerability
* Microsoft Windows Shell Remote Code Execution Vulnerability (Updated)
* Microsoft Windows SMB Buffer Overflow
* Microsoft Windows SMB Buffer Overflow (Updated)
* Microsoft Windows SMB Buffer Overflow (Updated)
* Microsoft Windows SMB Buffer Overflow (Updated)
* Microsoft Windows TCP/IP Remote Code Execution and Denial of Service Vulnerabilities
* Microsoft Windows TCP/IP Remote Code Execution and Denial of Service Vulnerabilities (Updated)
* Microsoft Windows TCP/IP Remote Code Execution and Denial of Service Vulnerabilities (Updated)
* Microsoft Windows TCP/IP Remote Code Execution and Denial of Service Vulnerabilities (Updated)
* Microsoft Windows USB Driver Buffer Overflow
* Microsoft Windows 'User32.DLL' Icon Handling Remote Denial of Service
* Microsoft Windows XP Named Pipe Information Disclosure
* Microsoft Windows XP Windows Management Instrumentation Denial of Service
* Microsoft Windows XP Wireless Zero Configuration Service Information Disclosure
* Microsoft WINS Name Validation (Updated)
* Microsoft WINS Name Validation (Updated)
* Microsoft Word Buffer Overflow or Arbitrary Code Execution
* Microsoft Word MCW File Handler Buffer Overflow Vulnerability
* Microsoft Word Remote Code Execution & Escalation of Privilege Vulnerabilities (Updated)
* Microsoft Word Remote Code Execution and Escalation of Privilege Vulnerabilities
* Microsoft Word Remote Code Execution and Escalation of Privilege Vulnerabilities (Updated)
* Microsoft Word Remote Code Execution and Escalation of Privilege Vulnerabilities (Updated)
* Microsoft Word Remote Code Execution and Escalation of Privilege Vulnerabilities (Updated)
* MindAlign Multiple Vulnerabilities
* Miranda IM PopUp Plus Plugin Remote Code Execution Vulnerability
* Miranda IM PopUp Plus Plugin Remote Code Execution Vulnerability (Updated)
* Mozilla Bugzilla Internal Error
* Mozilla Firefox Download Dialog Spoofing Vulnerabilities
* MS ASP.NET Denial of Service
* MSN Messenger Protocol Denial of Service
* Multi-Computer Control System Denial of Service
* Multiple Vendor Arbitrary Code Execution
* Multiple Vendor ZoneAlarm Denial of Service
* Multiple Vendors Mozilla/Netscape/Firefox Browser Modal Dialog Spoofing
* Multiple Vendors Mozilla/Netscape/Firefox Browser Modal Dialog Spoofing (Updated)
* Musicmatch Jukebox Elevated Privilege and Cross-Site Scripting Vulnerabilities
* My Album Information Disclosure
* MyInternet Browser Javascript Spoofing
* Mysoft Technology Maxthon "m2_search_text" Information Disclosure Vulnerability
* MyTemplateSite Cross-Site Scripting
* NateOn Messenger Arbitrary Code Execution or Denial of Service
* Naxtor e-Directory Cross-Site Scripting or SQL Injection
* Naxtor Shopping Cart Cross-Site Scripting or SQL Injection
* Neslo Desktop Rover Denial of Service Vulnerability
* NetAuctionHelp Auction Software Cross-Site Scripting
* NetCaptor Browser Javascript Spoofing
* NetCPlus BusinessMail Server SMTP Command Validation Error Remote Denial of Service
* NetLeaf Limited NotJustBrowsing Discloses Application Passwords
* NetManage RUMBA Profile Handling Multiple Buffer Overflow
* NetManage RUMBA Profile Handling Multiple Buffer Overflow (Updated)
* NetObjects Fusion Information Disclosure
* Netscape Browser Information Disclosure Vulnerability
* Netscape Denial of Service
* Netscape IDN Implementation URL Spoof
* NetWin DMail Errors Let Remote Users Bypass Authentication and Execute Code
* NetworkActiv Web Server Cross-Site Scripting
* Network-Client.com FTP Now Local Information Disclosure Vulnerability
* Newmad Technologies PicoWebServer Remote Buffer Overflow
* NEXTWEB (i)Site Discloses Database and Passwords to Remote Users and Permits SQL Injection
* NodeManager SNMPv1 traps Buffer Overflow
* NodeManager SNMPv1 traps Buffer Overflow (Updated)
* Nortel Contivity VPN Client Password Disclosure Vulnerability
* Nortel Contivity VPN Client Password Disclosure Vulnerability (Updated)
* Nortel VPN Client Privilege Elevation
* Notify Technology NotifyLink Enterprise Server Multiple Vulnerabilities
* NotJustBrowsing Browser Javascript Spoofing
* Novell eDirectory Can Be Crashed With Requests Containing MS-DOS Device Names
* Novell eDirectory Denial of Service or Unauthorized File Access
* Novell eDirectory Security Bypass
* Novell GroupWise Arbitrary Code Execution
* Novell GroupWise Client Local Password Disclosure
* Novell Nsure Audit Denial of Service Vulnerability
* Nullsoft Winamp Malformed MP4 Remote Denial of Service (Updated)
* Nullsoft Winamp Multiple Unspecified Vulnerabilities
* Nullsoft Winamp Variant IN_CDDA.dll Remote Buffer Overflow
* OASYS Lite Cross-Site Scripting
* Ocean12 Calendar Manager Pro Authentication Bypassing
* Ocean12 Calendar Manager SQL Injection Vulnerability
* Ocean12 Mailing List Manager Remote SQL Injection
* Ocean12 Membership Manager Pro Cross-Site Scripting and SQL Injection Vulnerability
* OKBSYS Lite Cross-Site Scripting
* Oleh Yuschuk OllyDbg Error in Loading Causes Denial of Service Vulnerability
* Omni Browser Javascript Spoofing
* OneWorldStore Denial of Service Vulnerability
* OneWorldStore Information Disclosure Vulnerability
* OneWorldStore Multiple Vulnerabilities
* OpenConnect Systems WebConnect Remote Denial of Service and Information Disclosure
* OpenConnect Systems WebConnect Remote Denial of Service and Information Disclosure (Updated)
* Opera 'data:' URI Handler Spoofing
* Opera Web Browser Download Dialog File Manipulation
* Optimal Desktop Javascript Spoofing
* Orenosv HTTP/FTP Server Buffer Overflows
* Orvado ASP Nuke SQL Injection and Cross-Site Scripting Vulnerabilities
* OS4E 'LOGIN.ASP' SQL Injection
* Painkiller Buffer Overflow Remote Denial of Service
* Panda Software Antivirus Library ZOO Archive Heap Overflow
* pcAnywhere Authentication Denial of Service Vulnerability
* Peer2Mail Password Disclosure
* Peer2Mail Password Disclosure (Updated)
* Pegasus Mail Arbitrary Code Execution
* Perception LiteWeb Protected File Access Vulnerability
* Piotr Kowalski LANChat Pro Remote Denial of Service
* PlatinumFTPServer Malformed User Name Connection Remote Denial of Service
* PMSoftware Simple Web Server Buffer Overflow Permits Remote Code Execution
* PMSoftware Simple Web Server Remote Code Execution Vulnerability (Updated)
* PowerArchiver Arbitrary Code Execution
* PPP Infotech netMailshar Professional Two Vulnerabilities
* Pragma TelnetServer Lets Remote Users Hide Log Entries
* Prevx Pro File Modification & Driver Spoofing
* PrivaShare Denial of Service
* Process Explorer Arbitrary Code Execution
* ProRat Server Arbitrary Code Execution
* PY Software Active Webcam Webserver Remote Denials of Service & Information Disclosure
* Qualcomm Eudora E-mail, Stationary/Mailbox Files Remote Code Execution
* Quick 'n Easy FTP Server Denial of Service
* RaidenHTTPD Directory Traversal
* RaidenHTTPD Multiple Remote Vulnerabilities
* Randy Wable datatrac Denial of Service Vulnerability
* RARLAB WinRAR Directory Traversal
* Raysoft Video Cam Server Multiple Vulnerabilities
* RealArcade Vulnerabilities
* RealNetworks Realplayer Enterprise Buffer Overflow Vulnerability
* RealPlayer Enterprise Arbitrary Code Execution
* RealPlayer Security Zone Bypass
* Rebrand P2P Share Spy Information Disclosure Vulnerability
* Rediff Bol Window's Address Book Disclosure
* Reflection for Secure IT Multiple Vulnerabilities
* RhinoSoft Serv-U FTP Server Remote Denial of Service
* RockLiffe MailSite Express WebMail Multiple Vulnerabilities
* RSA ACE/ Agent for Web Cross Site Scripting
* RSA Authentication Agent for Web Buffer Overflow Vulnerability
* RSA Authentication Agent for Web Buffer Overflow Vulnerability (Updated)
* RSA Authentication Agent for Web for IIS Cross-Site Scripting Vulnerability
* RSA Authentication Agent for Web for IIS Cross-Site Scripting Vulnerability (Updated)
* Runtime GetDataBack for NTFS Local Information Disclosure Vulnerability
* rwAuction Pro Cross-Site Scripting
* SafeNet Sentinel License Manager Remote Buffer Overflow
* SafeNet Sentinel License Manager Remote Buffer Overflow (Updated)
* SafeNet SoftRemote VPN Client Key Disclosure
* Savant Web Server Remote Buffer Overflow
* Savant Web Server User Information Disclosure
* SecureOL VE2 Security Restriction Bypass
* SecureW2 Information Disclosure
* SecureW2 Information Disclosure (Updated)
* ServersCheck Directory Traversal
* Serv-U FTP Server Denial of Service
* Sights 'n Sounds Streaming Media Server Denial of Service
* Sigma ISP Manager SQL Injection Vulnerabilities
* SiteBeater MP3 Catalog Cross-Site Scripting
* SiteBeater News System Cross-Site Scripting
* Skype for Windows Security Bypass
* Slim Browser Javascript Spoofing
* SlimFTPd Arbitrary Code Execution
* SlimFTPd Denial of Service
* Small HTTP Server Arbitrary File Writing
* SmarterMail Cross-Site Scripting
* SnugServer FTP Service Directory Traversal
* soft3304 04WebServer Directory Traversal
* software602 602LAN SUITE HTML Log File Processing Flaw Lets Remote Users Hide Log Entries
* Software602 602LAN SUITE Input Validation
* Software602 602LAN SUITE Input Validation (Updated)
* Software602 602LAN SUITE Local File Detection and Denial of Service
* Software602 602LAN SUITE Local File Detection and Denial of Service (Updated)
* Softwin BitDefender Insecure Program Execution Vulnerability
* Solupress News Cross-Site Scripting
* Sony SunnComm MediaMax Insecure Directory Permissions (Updated)
* Sophos Anti-Virus Denial of Service
* SpeedProject Arbitrary Code Execution
* SSH Secure Shell and Tectia Server Key Disclosure
* SSH Secure Shell and Tectia Server Key Disclosure (Updated)
* StoneGate Firewall and VPN Engine Denial of Service
* Storage Exec/ StorageCentral Arbitrary Code Execution
* Storage Exec/ StorageCentral Arbitrary Code Execution
* StorePortal Multiple SQL Injection High
* Stormy Studios KNet Remote Buffer Overflow
* StumbleInside GoText Discloses Users Configuration Data
* Sukru Alatas's Guestbook Database Disclosure
* Sun Java System Web Server Denial of Service Vulnerability
* Sybari Antigen for Exchange Security Bypass
* Sybase Adaptive Server Enterprise Unspecified Vulnerability
* Symantec Anti Virus Arbitrary Code Execution
* Symantec Anti Virus Arbitrary Code Execution (Updated)
* Symantec Anti Virus Password Disclosure
* Symantec AntiVirus Corporate Edition and Client Security Privilege Elevation
* Symantec AntiVirus Products RAR Archive Virus Detection Bypass
* Symantec AntiVirus SMB Scan Detection Bypass
* Symantec 'CcErrDsp.ErrorDisplay.1' ActiveX Buffer Overflow
* Symantec Discovery Unauthorized Access
* Symantec Multiple Products AutoProtect Errors Denial of Service Vulnerability
* Symantec Multiple Products AutoProtect Errors Denial of Service Vulnerability (Updated)
* Symantec Norton GoBack Lets Local Users Bypass Authentication
* Symantec pcAnywhere Privilege Escalation Vulnerability
* TAC Vista Directory Traversal
* TCP Chat Denial of Service
* TCP-IP Datalook Denial of Service
* Team JohnLong RaidenFTPD Information Disclosure Vulnerability
* Techland Xpand Rally Remote Denial of Service
* Techland XPand Rally Remote Format String
* Techno Dreams Multiple Product SQL Injection
* ThePoolClub iPool Information Disclosure Vulnerability
* ThePoolClub iSnooker Information Disclosure Vulnerability
* ToCA Race Driver Arbitrary Code Execution
* TrackerCam Multiple Remote Vulnerabilities
* TrackerCam Multiple Remote Vulnerabilities (Updated)
* Trend Micro OfficeScan Information Disclosure
* Trend Micro PC-cillin Privilege Elevation
* Trend Micro ServerProtect Multiple Vulnerabilities
* Typsoft FTP Server Denial of Service
* Uapplication Products Password Disclosure
* Uapplication Ublog Cross-Site Scripting Vulnerability
* Ubisoft The Settlers: Heritage of Kings Player Logging Buffer Overflow Vulnerability
* Ublog Reload SQL Injection and Cross-Site Scripting
* UR Software W32Dasm Remote Buffer Overflow
* UStore Cross-Site Scripting or SQL Injection
* VERITAS Backup Exec Buffer Overflow (Updated)
* Veritas Backup Exec Multiple Vulnerabilities
* Veritas Backup Exec Multiple Vulnerabilities (Updated)
* VERITAS NetBackup Arbitrary Code Execution
* VERITAS NetBackup Arbitrary Code Execution (Updated)
* Veritas NetBackup Denial of Service
* Virtools Web Player Arbitrary Code Execution or Arbitrary File Control
* VLAIBB 'sig2dat' Integer Overflow & Remote Denial of Service
* VP-ASP Shopping Cart Cross-Site Scripting
* VP-ASP SQL Injection
* vxFtpSrv Arbitrary Code Execution
* vxTftpSrv Arbitrary Code Execution
* vxWeb Denial of Service
* Walla! TeleSite SQL Injection or Cross-Site Scripting
* War FTP Daemon Remote Denial of Service
* Watchfire AppScan Arbitrary Code Execution
* Web Vulnerability Scanner Denial of Service
* Web Wiz Forums Information Disclosure
* WebEOC Multiple Vulnerabilities
* WebInspect Cross Site Scripting
* Webroot Desktop Firewall Authentication Bypassing or Arbitrary Code Execution
* Webroot Software My Firewall Plus Arbitrary File Corruption Vulnerability
* WebWasher Classic HTTP CONNECT Unauthorized Access
* WebWasher Classic HTTP CONNECT Unauthorized Access (Updated)
* WhatsUp Small Business Directory Traversal and Information Disclosure
* WheresJames Webcam Publisher Remote Code Execution Vulnerability
* Wichio 27Tools-in-1 Browser Javascript Spoofing
* Winace Remote Directory Traversal
* Winamp Arbitrary Code Execution
* WinHKI Multiple Remote Vulnerabilities
* Winmail Server Multiple Vulnerabilities
* WinRAR Arbitrary Code Execution
* WMailserver Information Disclosure
* WMR Simpson BookReview Input Validation Holes Permit Cross-Site Scripting & Path Disclosure
* Woodstone Servers Alive Help Function Escalated Privilege Vulnerability
* Woppoware PostMaster Multiple Vulnerabilities
* Working Resources BadBlue MFCISAPICommand Remote Buffer Overflow
* WSW ShowOff! Digital Media Software Two Vulnerabilities
* WWWeb Concepts Events System Input Validation Vulnerability
* WWWguestbook SQL Injection
* XcClassified Cross-Site Scripting
* XcPhotoAlbum Cross-Site Scripting
* Xinkaa WEB Station Directory Traversal
* X-Ways WinHex Denial of Service Vulnerability
* Yager Denial of Service and Remote Code Execution Vulnerabilities
* Yahoo! Messenger Custom Message Buffer Overflow
* Yahoo! Messenger Download Dialogue Box File Name Spoofing
* Yahoo! Messenger Insecure Default Installation
* Yahoo! Messenger URL Handler Remote Denial Of Service Vulnerability
* Yaosoft COOL! Remote Control Denial of Service
* YusASP Web Asset Manager Unauthorized Access
* ZipGenius Arbitrary Code Execution
* ZipGenius Multiple Directory Traversal Vulnerabilities
* ZipTorrent Password Disclosure
* ZixForum SQL Injection
* Zone Labs ZoneAlarm Vet Antivirus Engine Buffer Overflow
* ZonGG Input Validation Hole in 'ad/login.asp' Permits SQL Injection


#
Unix/ Linux Operating Systems

* 4D WebSTAR Grants Access to Remote Users and Elevated Privileges to Local Users
* 4D WebStar Remote IMAP Denial of Service
* 4D WebStar Tomcat Plugin Remote Buffer Overflow
* 4D WebStar Tomcat Plugin Remote Buffer Overflow (Updated)
* Abuse Multiple Vulnerabilities
* Adobe Acrobat Reader mailListIsPdf() Buffer Overflow (Updated)
* Adobe Acrobat Reader mailListIsPdf() Buffer Overflow (Updated)
* Adobe Acrobat Reader UnixAppOpenFilePerform Buffer Overflow
* Adobe Acrobat Reader UnixAppOpenFilePerform Buffer Overflow (Updated)
* Adobe Reader / Acrobat Arbitrary Code Execution & Elevated Privileges
* Adobe Reader For Unix Local File Disclosure
* Adobe Version Cue for Mac OS X Elevated Privileges
* Adobe Version Cue for Mac OS X Elevated Privileges (Updated)
* ADP Elite System Max 9000 Series Shell Access
* Adrian Pascalau GIPTables Firewall Insecure Temporary File Creation
* Alexander Barton ngIRCd Remote Buffer Overflow
* Alexander Barton ngIRCd Remote Format String
* Alexander Palmo Simple PHP Blog Remote Directory Traversal
* Alexis Sukrieh Backup Manager Information Disclosure
* Alexis Sukrieh Backup Manager Information Disclosure (Updated)
* Alkalay.Net Multiple Scripts Arbitrary Remote Command Execution & Directory Traversal
* AlmondSoft Almond Classifieds SQL Injection
* ALSA Stack Protection Weakness
* AltantForum Multiple Cross-Site Scripting
* Andrew Church IRC Services LISTLINKS Information Disclosure
* Andrew W. Rogers pcal Buffer Overflows (Updated)
* Apache Insecure Temporary File Creation
* Apache mod_include Buffer Overflow (Updated)
* Apache mod_include Buffer Overflow (Updated)
* Apache Mod_Proxy Remote Buffer Overflow (Updated)
* Apache mod_ssl Denial of Service (Updated)
* Apache mod_ssl Remote Denial of Service (Updated)
* Apache Mod_SSL SSL_Util_UUEncode_Binary Stack Buffer Overflow (Updated)
* Apache mod_ssl SSLCipherSuite Access Validation (Updated)
* Apache mod_ssl SSLCipherSuite Access Validation (Updated)
* Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass
* Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass (Updated)
* Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass (Updated)
* Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass (Updated)
* Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass (Updated)
* Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass (Updated)
* Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass (Updated)
* Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass (Updated)
* Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass (Updated)
* Apache SpamAssassin Lets Remote Users Deny Service
* Apache SpamAssassin Lets Remote Users Deny Service (Updated)
* Apache SpamAssassin Lets Remote Users Deny Service (Updated)
* ApacheTop Insecure Temporary File Creation
* Appfluent Technology Database IDS Buffer Overflow
* Appfluent Technology Database IDS Buffer Overflow (Updated)
* Apple ColorSync ICC Header Remote Buffer Overflow
* Apple iSync mRouter Buffer Overflow
* Apple iSync mRouter Buffer Overflow
* Apple Keynote 'keynote:' Lets Remote Users Access Local Files
* Apple Mac OS X AirPort Card Automatic Network Association
* Apple Mac OS X AppleFileServer Remote Denial of Service
* Apple Mac OS X 'at' Utility Information Disclosure
* Apple Mac OS X 'at' Utility Information Disclosure (Updated)
* Apple Mac OS X Default Pseudo-Terminal Permission
* Apple Mac OS X Finder 'DS_Store' Insecure File Creation
* Apple Mac OS X Font Book Font Collection Buffer Overflow
* Apple Mac OS X Java Update
* Apple Mac OS X Kernel searchfs() Buffer Overflow
* Apple Mac OS X Multiple Arbitrary Code Execution Vulnerabilities
* Apple Mac OS X Multiple Vulnerabilities
* Apple Mac OS X Multiple Vulnerabilities
* Apple Mac OS X Multiple Vulnerabilities
* Apple Mac OS X Multiple Vulnerabilities
* Apple Mac OS X Multiple Vulnerabilities (Updated)
* Apple Mac OS X Multiple Vulnerabilities (Updated)
* Apple Mac OS X NetInfo Setup Tool Buffer Overflow
* Apple Mac OS X NetInfo Setup Tool Buffer Overflow (Updated)
* Apple Mac OS X 'parse_machfile()' Denial of Service
* Apple Mac OS X Perl Privilege Dropping
* Apple Mac OS X Security Update
* Apple Mac OS X Security Update
* Apple Mac OS X Security Update
* Apple Mac OS X Vulnerabilities
* Apple MacOS X Vulnerabilities
* Apple Mail EMail Message ID Header Information Disclosure
* Apple QuickTime Quartz Composer File Information Disclosure
* Apple QuickTime Quartz Composer File Information Disclosure (Updated)
* Apple Safari Data URI Memory Corruption
* Apple Safari Dialog Box Origin Spoofing
* Apple Safari IDN Implementation URL Spoof
* Apple Safari IDN Implementation URL Spoof (Updated)
* Apple Safari Input Validation
* Apple Safari Input Validation (Updated)
* Apple Safari Open Windows Injection (Updated)
* Apple Safari Web Browser HTTPS Denial of Service
* Apple Safari Web Browser JavaScript Remote Denial of Service
* APSIS Pound Remote Buffer Overflow
* APSIS Pound Remote Buffer Overflow (Updated)
* Arc Insecure Temporary File Creation
* Arc Insecure Temporary File Creation (Updated)
* ARJ Software UNARJ Remote Buffer Overflow (Updated)
* ARJ Software UNARJ Remote Buffer Overflow (Updated)
* ARJ Software UNARJ Remote Buffer Overflow (Updated)
* ARJ Software UNARJ Remote Buffer Overflow (Updated)
* Astaro Security Linux HTTP CONNECT Unauthorized Access
* Astaro Security Linux HTTP CONNECT Unauthorized Access (Updated)
* Astaro Security Linux ISAKMP IKE Traffic Denial of Service
* Astaro Security Linux PPTP Server Unspecified Remote Denial of Service
* Asterisk Voicemail Unauthorized Access
* Atlant Pro Cross-Site Scripting
* Avaya Labs Libsafe Multi-threaded Process Race Condition Security Bypass
* Backup Manager File Permissions
* BackupNinja Insecure Temporary File Creation
* Bacula Insecure Temporary File Creation
* Bacula Insecure Temporary File Creation (Updated)
* BeMoore Software News2Net SQL Injection
* Benchmark Designs WHM AutoPilot 'server_inc' Include File Flaw
* Berlios GPSD Remote Format String
* Bidwatcher Remote Format String
* Bidwatcher Remote Format String (Updated)
* Binary Board System Multiple Cross-Site Scripting
* Black List Daemon select() Remote Buffer Overflow
* Black List Daemon select() Remote Buffer Overflow (Updated)
* Blog Torrent Password Disclosure
* Blue Coat Reporter Multiple Vulnerabilities
* BlueZ Arbitrary Command Execution
* BlueZ Arbitrary Command Execution (Updated)
* BlueZ Arbitrary Command Execution (Updated)
* BlueZ Arbitrary Command Execution (Updated)
* BMC Control M Agent Insecure File Permission
* BMV Buffer Overflow
* Brooky CubeCart Multiple Vulnerabilities
* BrT CopperExport 'XP_Publish.PHP' SQL Injection
* Bugzilla Private Summary Disclosure or Flag Modification
* BZip2 File Permission Modification
* BZip2 File Permission Modification (Updated)
* BZip2 File Permission Modification (Updated)
* BZip2 File Permission Modification (Updated)
* BZip2 File Permission Modification (Updated)
* BZip2 File Permission Modification (Updated)
* BZip2 File Permission Modification (Updated)
* BZip2 File Permission Modification (Updated)
* BZip2 File Permission Modification (Updated)
* BZip2 File Permission Modification (Updated)
* bzip2 Remote Denial of Service
* bzip2 Remote Denial of Service (Updated)
* Bzip2 Remote Denial of Service (Updated)
* Bzip2 Remote Denial of Service (Updated)
* Bzip2 Remote Denial of Service (Updated)
* Bzip2 Remote Denial of Service (Updated)
* Bzip2 Remote Denial of Service (Updated)
* Bzip2 Remote Denial of Service (Updated)
* Bzip2 Remote Denial of Service (Updated)
* CA BrightStor ARCserve Backup UniversalAgent Backdoor Account
* Cadsoft.de VDR Daemon Remote File Overwrite
* Caolan McNamara & Dom Lachowicz wvWare Library Buffer Overflow (Updated)
* Carnegie Mellon Cyrus IMAP Server Off-by-one Overflow (Updated)
* Carnegie Mellon University Cyrus IMAP Server Multiple Remote Buffer Overflows
* Carnegie Mellon University Cyrus IMAP Server Multiple Remote Buffer Overflows (Updated)
* Carnegie Mellon University Cyrus IMAP Server Multiple Remote Buffer Overflows (Updated)
* Carnegie Mellon University Cyrus IMAP Server Multiple Remote Buffer Overflows (Updated)
* Carnegie Mellon University Cyrus IMAP Server Multiple Remote Buffer Overflows (Updated)
* Carnegie Mellon University Cyrus IMAP Server Multiple Remote Buffer Overflows (Updated)
* Carnegie Mellon University Cyrus IMAP Server Multiple Remote Buffer Overflows (Updated)
* Carnegie Mellon University Cyrus SASL Buffer Overflow & Input Validation (Updated)
* Carnegie Mellon University Cyrus SASL Buffer Overflow & Input Validation (Updated)
* Carnegie Mellon University Cyrus SASL Buffer Overflow & Input Validation (Updated)
* Carsten Haitzler imlib Image Decoding Integer Overflow (Updated)
* Carsten Haitzler imlib Image Decoding Integer Overflow (Updated)
* Carsten Haitzler imlib Image Decoding Integer Overflow (Updated)
* CartKeeper CKGold Cross-Site Scripting
* CDRTools Unspecified Privilege Escalation (Updated)
* Centericq Empty Packet Remote Denial of Service
* Centericq Empty Packet Remote Denial of Service (Updated)
* CenterICQ Insecure Temporary File
* CenterICQ Insecure Temporary File (Updated)
* CenterICQ Insecure Temporary File (Updated)
* Cheetah Elevated Privileges
* Cheetah Elevated Privileges (Updated)
* Christoph Dalitz abctab2ps Buffer Overflows (Updated)
* Citadel/UX select() System Call Remote Buffer Overflow
* Clam Anti-Virus ClamAV Mac OS X Command Execution
* Clam Anti-Virus ClamAV OLE2 File Handling Denial of Service
* Clam Anti-Virus ClamAV Remote Denials of Service
* Clam Anti-Virus ClamAV Remote Denials of Service (Updated)
* Clam AntiVirus Denial of Service
* Clam AntiVirus Multiple Vulnerabilities (Updated)
* Clam AntiVirus Multiple Vulnerabilities (Updated)
* Clam AntiVirus Remote Denial of Service & Arbitrary Code Execution
* ClamAV UPX Buffer Overflow & FSG Handling Denial of Service
* ClamAV UPX Buffer Overflow & FSG Handling Denial of Service (Updated)
* ClamAV UPX Buffer Overflow & FSG Handling Denial of Service (Updated)
* ClamAV UPX Buffer Overflow & FSG Handling Denial of Service (Updated)
* Cmd5checkpw Poppasswd Disclosure
* Cocktail Admin Password Disclosure
* Common-lisp-controller Elevated Privileges
* Common-lisp-controller Elevated Privileges (Updated)
* Conectiva netpbm Privilege Escalation
* Courier Mail Server Remote Denial of Service
* Courier Mail Server Remote Denial of Service (Updated)
* cPanel Cross-Site Scripting
* cPanel 'User' Parameter Cross-Site Scripting
* Crip Helper Script Insecure Temporary File Creation
* Crip Helper Script Insecure Temporary File Creation (Updated)
* cURL / libcURL URL Parser Buffer Overflow
* cURL / libcURL URL Parser Buffer Overflow (Updated)
* cURL / libcURL URL Parser Buffer Overflow (Updated)
* CVS 'Cvsbug.In' Script Insecure Temporary File Creation (Updated)
* CVS 'Cvsbug.In' Script Insecure Temporary File Creation (Updated)
* CVS 'Cvsbug.In' Script Insecure Temporary File Creation (Updated)
* Cyphor Cross-Site Scripting & SQL Injection
* Cyphor SQL Injection
* Cyrus SASL Buffer Overflow & Input Validation (Updated)
* Cyrus SASL Buffer Overflow & Input Validation (Updated)
* Cyrus SASL Buffer Overflow & Input Validation (Updated)
* D. J. Bernstein QMail Remote Denials of Service
* Dada Mail Archives HTML Injection
* Darryl Burgdorf Webhints Remote Command Execution
* Darwin Kernel Denial of Service
* David Gay F2C Multiple Insecure Temporary File Creation
* David Gay F2C Multiple Insecure Temporary File Creation (Updated)
* David Mischler Linux IPRoute2 'Netbug' Script Insecure Temporary File
* DCP-Portal Cross-Site Scripting & SQL Injection
* DCP-Portal Input Validation
* Debian Apt-Cacher Remote Arbitrary Code Execution
* Debian CVS-Repouid Remote Authentication Bypass & Denial of Service
* Debian CVS-Repouid Remote Authentication Bypass & Denial of Service (Updated)
* Debian File Permission
* Debian Horde Default Administrator Password
* Debian Lintian Insecure Temporary File
* Debian Linux Firewall Loading Failure
* Debian Module-Assistant Insecure Temporary File Creation
* Debian Pam Radius Auth File Information Disclosure
* Debian Reportbug Multiple Information Disclosure
* Debian Toolchain-Source Multiple Insecure Temporary File Creation
* Denial of Service & IRC Protocol Plug-in Arbitrary Code Execution
* dhcpcd Denial of Service (Updated)
* Dick Copits PDEstore Cross-Site Scripting
* Dillo 'a_Interface_msg()' Format String
* DNA MKBold-MKItalic Remote Format String
* Dnsmasq Multiple Remote Vulnerabilities
* Dnsmasq Multiple Remote Vulnerabilities (Updated)
* Dnsmasq Multiple Remote Vulnerabilities (Updated)
* Domain Name Relay Daemon Arbitrary Code Execution
* Dropbear SSH Server Buffer Overflow
* DRZES HMS Cross-Site Scripting & SQL Injection
* Easy Search System Cross-Site Scripting
* Easy Software Products CUPS Access Control List Bypass
* Easy Software Products CUPS Access Control List Bypass (Updated)
* Easy Software Products CUPS HTTP GET Denial of Service
* Easy Software Products CUPS HTTP GET Denial of Service (Updated)
* Easy Software Products CUPS HTTP GET Denial of Service (Updated)
* Edgewall Software Trac Arbitrary File Upload/Download
* Edgewall Software Trac Search Module SQL Injection
* Edgewall Trac SQL Injection
* EKG 'LibGadu' Multiple Vulnerabilities (Updated)
* Elm 'Expires' Header Remote Buffer Overflow
* Elm 'Expires' Header Remote Buffer Overflow (Updated)
* Elm 'Expires' Header Remote Buffer Overflow (Updated)
* Elmo Arbitrary File Overwrite
* Eric Raymond Fetchmail 'fetchmailconf' Information Disclosure
* Eric Raymond Fetchmail 'fetchmailconf' Information Disclosure (Updated)
* Eric Raymond Fetchmail 'fetchmailconf' Information Disclosure (Updated)
* Eric Raymond Fetchmail 'fetchmailconf' Information Disclosure (Updated)
* Eric Raymond Fetchmail POP3 Client Buffer Overflow (Updated)
* Eric Raymond Fetchmail POP3 Client Buffer Overflow (Updated)
* Eric Raymond Fetchmail POP3 Client Buffer Overflow (Updated)
* Eric Raymond Fetchmail POP3 Client Buffer Overflow (Updated)
* eric3 Unspecified Vulnerability
* eric3 Unspecified Vulnerability (Updated)
* eric3 Unspecified Vulnerability (Updated)
* Eskuel Unauthorized Administrator Access
* ESMI PayPal Storefront SQL Injection & Cross-Site Scripting
* ESRI ArcInfo Workstation s Buffer Overflows and Format String
* Ethereal Multiple Dissector Vulnerabilities
* Ethereal Multiple Dissector Vulnerabilities (Updated)
* Ethereal Multiple Dissector Vulnerabilities (Updated)
* Ethereal Multiple Remote Protocol Dissector Vulnerabilities
* Ethereal Multiple Remote Protocol Dissector Vulnerabilities (Updated)
* Ethereal Multiple Remote Protocol Dissector Vulnerabilities (Updated)
* Ethereal Multiple Remote P

December 31, 2005 at 11:47 AM in Security