Full List

Search

Recent Vulnerabilities

• CVE-2005-1463 • published on May 5, 2005 Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
• CVE-2005-1468 • published on May 5, 2005 Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference.
• CVE-2005-1457 • published on May 5, 2005 Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash).
• CVE-2005-1466 • published on May 5, 2005 Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (large memory allocation) via unknown vectors.
• CVE-2005-1339 • published on May 4, 2005 lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.
• CVE-2005-1338 • published on May 4, 2005 Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext.
• CVE-2005-1340 • published on May 4, 2005 The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.
• CVE-2004-1307 • published on May 4, 2005 Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
• CVE-2005-0594 • published on May 4, 2005 Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code.
• CVE-2005-1332 • published on May 4, 2005 Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory.
• CVE-2005-1343 • published on May 4, 2005 Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.
• CVE-2005-1194 • published on May 4, 2005 Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.
• CVE-2005-1330 • published on May 4, 2005 AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
• CVE-2005-1331 • published on May 4, 2005 The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.
• CVE-2005-1333 • published on May 4, 2005 Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.
• CVE-2005-1336 • published on May 4, 2005 Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.
• CVE-2005-1337 • published on May 4, 2005 Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI.
• CVE-2005-1341 • published on May 4, 2005 Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.
• CVE-2005-1335 • published on May 4, 2005 Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."
• CVE-2005-1342 • published on May 4, 2005 The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands.