3385 matches found
CAN-2004-0957
CVE-2004-0957 is cited across multiple connected advisories (Ubuntu USN-32/109, SLES9 MySQL updates, FreeBSD ports) as part of historical MySQL vulnerabilities. Documented info shows it co-occurs with advisories requesting updates or patches to MySQL components; CVSS scores in these entries range...
CAN-2005-0017
The provided OpenVAS/Gentoo/Debian/FreeBSD entries identify CVE-2005-0017 and, in some cases, CVE-2005-0018, as vulnerabilities in the f2c utility (Fortran-to-C translator). Technical details across the connected docs indicate the issue is related to insecure temporary file handling in f2c, which...
CAN-2005-1109
CVE-2005-1109 refers to JunkBuster, an HTTP proxy. The vulnerability (affecting JunkBuster before version 2.0.2-r3) arises from heap corruption due to inconsistent use of an internal function, enabling remote attackers to crash the daemon and potentially execute arbitrary code. Impact is a remote ...
CAN-2004-1341
CVE-2004-1341 is a cross-site scripting (XSS) vulnerability in info2www, due to missing input sanitising. The issue affects info2www prior to version 1.2.2.9, with fixed versions in Debian as 1.2.2.9-20woody (woody) and 1.2.2.9-23 (sid). Debian DSAs (DSA-711-1) document remote exploitation via cr...
CAN-2005-0472
GAIM (multi-protocol IM client) is affected by two remote issues: (1) a SNAC packet handling flaw that can trigger an infinite loop/denial-of-service, and (2) malformed HTML/SNAC input leading to client crashes or hangs. CVE-2005-0472 covers the SNAC-based DoS; CVE-2005-0473 is associated with HTML...
CAN-2005-0870
CVE-2005-0870 is associated with phpsysinfo, a PHP-based host-information utility, as reflected in multiple advisories (e.g., Debian DSA-724/897/898 and OpenVAS entries). The connected documents describe several issues: cross-site scripting (XSS) vulnerabilities (CVE-2005-0870) and related proble...
CAN-2005-0739
Technical details for CVE-2005-0739 are not publicly available in the provided documents. Monitor for updates.
CAN-2005-0605
Technical details about CVE-2005-0605 are not provided in the supplied documents; linked entries reference the CVE but do not describe affected products, root cause, or fixes. Monitor for updates.
CAN-2005-1523
CVE-2005-1523 is a format-string vulnerability in the GNU Mailutils imap4d server (also reflected in Debian and Gentoo advisories) that may allow a remote attacker to execute arbitrary code with the IMAP service privileges. The connected advisories describe that the issue stems from insufficient sani...
CAN-2005-0523
The CVE-2005-0523 entry pertains to ProZilla (versions 1.3.7.3 and earlier). A format string vulnerability in the Location header allows remote attackers to execute arbitrary code with the user’s privileges. Debian’s DSA-719-1 and related advisories fix the issue by upgrading ProZilla to la...
CAN-2005-0525
Technical details for CVE-2005-0525 are not publicly available in the provided documents. Monitor for updates.
CAN-2005-1546
CVE-2005-1546 is a buffer overflow vulnerability in ht’s PE parser, affecting ht packages in Debian (and cited in DSA-743-1). The issue was fixed in ht 0.8.0-2sarge4 (and related updates for woody before that). The Debian advisories describe the vulnerability and recommend upgrading ht to mitigat...
CAN-2005-1858
This CVE affects FUSE (filesystem in userspace): FUSE 2.x before 2.3.0 fails to clear memory from unfilled pages after a read returns a short byte count, potentially allowing local users to disclose sensitive information. The Debian advisory (DSA-744-1) links CVE-2005-1858 to fuse and notes a fix...
CAN-2005-1853
CVE-2005-1853 affects the Gopher client (gopher.c) in version 3.0.5, where improper creation of temporary files permits local users to gain privileges. Multiple sources (Red Hat advisory, CVE listing, Debian/Debian OSSVOS) confirm the flaw and its local-privilege elevation impact. Debian’s DSA-77...
CAN-2005-1914
CVE-2005-1914 affects CenterICQ 4.20.0 and earlier. The vulnerability arises because CenterICQ creates temporary files with predictable filenames, enabling local attackers to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file. The available connected documents confi...
CAN-2005-1686
CVE-2005-1686 is a format-string vulnerability in gedit (GNOME text editor) affecting multiple platforms. Connected advisories note a flaw in gedit’s filename handling that could permit arbitrary code execution. Public fixes exist across affected OS families, including Solaris patches (e.g., 1202...
CAN-2005-2256
CVE-2005-2256 relates to phppgadmin (PHP scripts for PostgreSQL web administration). The issue is missing input sanitising in phppgadmin, which can lead to disclosure of sensitive information. Exploitation requires that magic_quotes_gpc is disabled. Debian/DSA advisories (DSA-759-1) note the fix ...
CAN-2005-2724
CVE-2005-2724 is a cross-site scripting (XSS) issue in SqWebmail, part of the Courier suite. The vulnerability arises from missing input sanitising in the handling of file attachments, enabling a remote attacker to inject script/HTML that may execute in a user’s browser when attachments are ...
CAN-2005-1937
CVE-2005-1937 appears across multiple advisories tied to Mozilla/Firefox components. Connected documents show CVSS base 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) and references in Ubuntu USN-149-1, Debian DSA-810-1, Gentoo GLSA 200507-24, FreeBSD ports Firefox advisories. Affected products include Firefox...
CAN-2005-2761
CVE-2005-2761 is associated with phpGroupWare and is documented in Debian DSA-798-1 and related OpenVAS entries. The vulnerability refers to a global cross-site scripting fix designed to protect against malicious scripts embedded in CSS and xmlns across various phpGroupWare components. Remediatio...