CVE-2005-0276

Multiple format string vulnerabilities in the FTP service in 3Com 3CDaemon 2.0 revision 10 allow remote attackers to cause a denial of service application crash via format string specifiers in 1 the username, 2 cd, 3 delete, 4 rename, 5 rmdir, 6 literal, 7 stat, or 8 CWD commands...

CVE-2005-0158

Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses...

CVE-2005-1100

Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon GLD 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog...

CVE-2005-0397

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by...

CVE-2005-0397

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by...

DEBIAN-CVE-2005-0012

Format string vulnerability in the aInterfacemsg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page...

CVE-2005-0729

Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a message...

CVE-2005-0158

Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses...

CVE-2005-0665

Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a filename...

CVE-2005-1394

Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to 1 wservice or 2 lockmgr...

CVE-2005-1121

Format string vulnerability in the myxlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwdmysql and passwdpgsql modules, may allow attackers to execute arbitrary code via a URL...

CVE-2005-0240

Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message...

CVE-2005-0250

Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument...

CVE-2005-0770

Format string vulnerability in DataRescue Interactive Disassembler and Debugger IDA Pro 4.7.0.830 allows remote attackers or local users to cause a denial of service CPU consumption or application crash and possibly execute arbitrary code via format string specifiers in a dynamic link library DLL...

CVE-2005-1127

Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...

CVE-2005-1100

Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon GLD 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog...

CVE-2005-0012

Format string vulnerability in the aInterfacemsg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page...

CVE-2005-1127

Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...

CVE-2005-0012

Format string vulnerability in the aInterfacemsg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page...

CVE-2005-0958

Format string vulnerability in the logdo function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command...