Max CVSS 7.5 Min CVSS 2.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2005-0758 4.6
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
16-10-2019 - 20:01 13-05-2005 - 04:00
CVE-2005-0488 5.0
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
30-10-2018 - 16:25 14-06-2005 - 04:00
CVE-2005-1934 5.0
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
19-10-2018 - 15:32 19-05-2005 - 04:00
CVE-2005-1269 5.0
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
19-10-2018 - 15:31 16-06-2005 - 04:00
CVE-2005-0953 3.7
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-1739 5.0
The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.
03-10-2018 - 21:30 24-05-2005 - 04:00
CVE-2005-1686 2.6
Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user,
03-10-2018 - 21:30 20-05-2005 - 04:00
CVE-2005-1260 5.0
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
03-10-2018 - 21:30 19-05-2005 - 04:00
CVE-2005-1760 7.5
sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.
11-10-2017 - 01:30 13-06-2005 - 04:00
Back to Top Mark selected
Back to Top