Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext. Date published : 2005-08-21 http://www.securityfocus.com/bid/14596 http://online.securityfocus.com/archive/1/408501
Unknown vulnerability in pam_ldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is...
Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (infinite loop and crash) via an IFRAME with "?" as the file source. Date published : 2005-08-20 http://www.securityfocus.com/bid/10073 http://archives.neohapsis.com/archives/bugtraq/2004-04/0061.html
Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code’s use of the...
SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers to execute arbitrary SQL commands via the mid parameter to sendtofriend.php. Date published : 2005-08-20 http://www.securityfocus.com/bid/11748 http://newsphp.sourceforge.net/changelog/changelog_1.24.txt
wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. Date published : 2005-08-20 http://www.securityfocus.com/bid/11743 http://www.securityfocus.com/bid/24504
Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro. Date...
SQL injection vulnerability in the sloth TCL script in QuoteEngine before 1.2.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2005-08-20 http://www.securityfocus.com/bid/10017 http://sourceforge.net/project/shownotes.php?release_id=227554
Unspecified vulnerability in MadBMS before 1.1.5 has unknown impact and attack vectors, related to logins. Date published : 2005-08-20 http://www.securityfocus.com/bid/10018 http://test.madgenius.com/madBMS/ChangeLog
Unspecified vulnerability in Reservation.class.php for phpScheduleIt 1.01 and earlier allows attackers to modify or delete reservations. Date published : 2005-08-20 http://www.securityfocus.com/bid/11690 http://sourceforge.net/tracker/index.php?func=detail&aid=1051841&group_id=95547&atid=611778
Cross-site scripting (XSS) vulnerability in SillySearch 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. Date published : 2005-08-20 http://www.osvdb.org/4755 http://www.securitytracker.com/alerts/2004/Mar/1009598.html
chat.ghp in Easy Chat Server 1.2 allows remote attackers to add a large number of fake users, then eventually cause a denial of service (server crash). Date published : 2005-08-20 http://archives.neohapsis.com/archives/bugtraq/2004-07/0013.html http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0077.html
chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that...
Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter. Date published : 2005-08-20 http://secunia.com/advisories/12006 https://exchange.xforce.ibmcloud.com/vulnerabilities/16634