LiveActive security incident?Get immediate response
CVE archive

January 2005

Browse CVE records published in January 2005, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 199 matching CVEs · Page 3 of 4.

Unknown · CVSS Not scored

CVE-2005-3659: nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products su...

nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference.

Published Jan 18, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2005-3627: Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, a...

Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.

Published Jan 6, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2005-3658: Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Buil...

Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).

Published Jan 18, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2005-3654: Blue Coat Systems Inc.

Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of packets with 0xFF characters to the Telnet port (TCP 23), which corrupts the heap.

Published Jan 6, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2005-3356: The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("doubl...

The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attack vectors.

Published Jan 23, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2005-3187: The listening daemon in Blue Coat Systems Inc.

The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.

Published Jan 5, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2005-2343: Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote...

Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed.

Published Jan 2, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2005-0125: The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users...

The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user.

Published Jan 29, 2005 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2005-0148: Thunderbird before 0.9, when running on Windows systems, uses the default handler when processing javascrip...

Thunderbird before 0.9, when running on Windows systems, uses the default handler when processing javascript: links, which invokes Internet Explorer and may expose the Thunderbird user to vulnerabilities in the version of Internet Explorer that is installed on the user's system. NOTE: since the invocation between multiple products is a common practice, and the vulnerabilities inherent in multi-product interactions are not easily enumerable, this issue might be REJECTED in the future.

Published Jan 29, 2005 · Updated Aug 7, 2024