CVE-2005-4851

eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissions on the node level, which allows remote authenticated users to bypass the original permissions on embedded objects in XML fields and read these objects...

CVE-2005-4813

Unspecified vulnerability in Report Application Server Crystalras.exe before 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service application hang via certain network traffic...

PT-2005-5499 · Apache · Jakarta Tomcat +1

Name of the Vulnerable Software and Affected Versions: Jakarta Tomcat versions 5.5.6 and earlier Description: The issue concerns multiple cross-site scripting XSS vulnerabilities in the example web applications for Jakarta Tomcat. These vulnerabilities allow remote attackers to inject arbitrary w...

CVE-2005-4274

Unspecified vulnerability in Business Objects WebIntelligence 6.5x allows remote attackers to cause a denial of service user account lock out via unknown attack vectors related to "authentication mechanisms" and "form input."...

CVE-2005-4274

CVE-2005-4274 affects Business Objects WebIntelligence 6.5x. The vulnerability permits remote attackers to cause a denial of service (user account lockout) via unknown attack vectors related to authentication mechanisms and form input. The available sources describe the issue but do not provide c...

CVE-2005-4274

Unspecified vulnerability in Business Objects WebIntelligence 6.5x allows remote attackers to cause a denial of service user account lock out via unknown attack vectors related to "authentication mechanisms" and "form input."...

CVE-2005-2831

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of t...

US-CERT Technical Cyber Security Alert TA05-347A -- Microsoft Internet Explorer Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Technical Cyber Security Alert TA05-347A Microsoft Internet Explorer Vulnerabilities Original release date: December 13, 2005 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows Microsoft Internet Explorer For more complete information...

Microsoft Internet Explorer vulnerable to code execution via mismatched DOM objects

Overview Microsoft Internet Explorer fails to properly handle requests to mismatched DOM objects, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer does not properly handle requests to mismatched DOM objects, such as the...

Remotely DoSing JBoss 4.0.2 with serialized java objects

=+============================================================= Remotely DoSing JBoss 4.0.2 with serialized java objects Implications of serialisation vulnerabilies in JDK =+============================================================= Author: Marc Schoenefeld , illegalaccess.org...

CVE-2005-3438

Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln 1 DB04 in Change Data Capture; 2 DB06 in Data Guard Logical Standby; 3 DB10 in Locale; 4 DB12 in Materialized Views; 5 DB13 in Objects Extension; 6 DB15 in...

CVE-2005-3438

Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln 1 DB04 in Change Data Capture; 2 DB06 in Data Guard Logical Standby; 3 DB10 in Locale; 4 DB12 in Materialized Views; 5 DB13 in Objects Extension; 6 DB15 in...

Debian DSA-868-1 : mozilla-thunderbird - several vulnerabilities

Several security-related problems have been discovered in Mozilla and derived programs. Some of the following problems don't exactly apply to Mozilla Thunderbird, even though the code is present. In order to keep the codebase in sync with upstream it has been altered nevertheless. The Common...

Multiple IBM DB2 Universal Database vulnerabilities

Server crash on constant string processing in queries; endless loop on hash joins processing; multiple problems with invalid connection termination; unauthorized creation of routine based objects; array overflow on oversized number of elements in 'in' list; db2jd crash on certain clients...

CVE-2005-1987

Buffer overflow in Collaboration Data Objects CDO, as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string...

CVE-2005-1987

Buffer overflow in Collaboration Data Objects CDO, as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string...

CVE-2005-1987

CVE-2005-1987 is a remote code execution vulnerability in Microsoft Collaboration Data Objects (CDO) used by CDOSYS/CDOEX on Windows and Exchange. An unchecked buffer triggered by processing a malformed SMTP/email header (e.g., oversized Content-Type) can allow an attacker to execute arbitrary co...

Microsoft Windows Microsoft Collaboration Data Objects buffer overflow

Buffer overflow on parsing mail messages with Microsoft SMTP service...

Microsoft Security Bulletin MS05-048 Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245)

Microsoft Security Bulletin MS05-048 Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution 907245 Published: October 11, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows or Microsoft Exchange Server Impact of...

Microsoft Internet Explorer COM Object Instantiation Variant Vulnerability

Description Microsoft Internet Explorer is prone to a buffer overflow vulnerability that is related to instantiation of COM objects. Successful exploitation could let remote attackers execute arbitrary code in the context of the currently logged in user on the affected computer. This is a variant...