All posts by 007admin
CVE-2005-3962
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications. (CVSS:4.6) (Last Update:2011-10-11)
Critical Patch Update – April 2005
Critical Patch Update – January 2005
Critical Patch Update – October 2005
Critical Patch Update – July 2005
CVE-2005-1349
Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute arbitrary code via a malformed parameter to a read operation. (CVSS:7.5) (Last Update:2010-04-02)
CVE-2005-0477 (invision_power_board)
Cross-site scripting (XSS) vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via (1) a signature file or (2) a message post containing an IMG tag within a COLOR tag whose style is set to background:url.
CVE-2005-0485 (panews)
Cross-site scripting (XSS) vulnerability in comment.php for paNews 2.0b4 for PHP Arena allows remote attackers to inject arbitrary HTML and web script via the showpost parameter.
CVE-2005-0453
The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the source code for CGI and FastCGI scripts via a URL with a %00 (null) character after the file extension. (CVSS:5.0) (Last Update:2008-09-05)