Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. Date published : 2005-07-17 http://www.securityfocus.com/bid/11928...
Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. Date published : 2005-07-17 http://www.securityfocus.com/bid/9704 http://otn.oracle.com/deploy/security/pdf/2004alert63.pdf
Mozilla Firefox before 1.0 is installed with world-writable permissions on Mac OS X, which allows local users to gain privileges. Date published : 2005-07-17 http://www.securityfocus.com/bid/11644 http://security.gentoo.org/glsa/glsa-200501-03.xml
Mozilla Firefox before 1.0 truncates long filenames in the file download dialog box, which makes it easier for remote attackers to trick users into downloading files with dangerous extensions. Date published : 2005-07-17 http://security.gentoo.org/glsa/glsa-200501-03.xml...
Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when HTML-Mails is enabled, allows remote attackers to determine valid e-mail addresses via an HTML e-mail that references a Cascading Style Sheets (CSS) document on...
Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button. Date published...
Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1. Date published : 2005-07-17 http://www.oliverkarow.de/research/AppFoundryCOM1_Dos.txt http://www.osvdb.org/5886
FsPHPGallery before 1.2 allows remote attackers to cause a denial of service via an image with a large size attribute, which causes a crash when the server attempts to resize the image. Date published...
Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter. Date published : 2005-07-17 http://www.securityfocus.com/bid/11594 http://gallery.devrandom.org.uk/cgi-bin/viewcvs.cgi/fsphpgallery/ChangeLog?rev=HEAD&content-type=text/vnd.viewcvs-markup
Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request. Date published : 2005-07-17 http://www.securityfocus.com/bid/10926 http://metasploit.com/projects/Framework/modules/exploits/mercantec_softcart.pm
F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection. Date published : 2005-07-17 http://www.securityfocus.com/bid/11600 ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt
Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the...
SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter. Date published : 2005-07-17 http://www.securityfocus.com/bid/10942 http://archives.neohapsis.com/archives/bugtraq/2004-08/0207.html
Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. Date published : 2005-07-17 http://www.securityfocus.com/bid/11597 http://archives.neohapsis.com/archives/apps/freshmeat/2004-11/0001.html