CVE-2005-1281

Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

Publication date: Tue, 26 Apr 2005 09:00:00 +0000


Cyber News related to CVE-2005-1281

CVE-2005-1281 - Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. ...
16 years ago
CVE-2008-5523 - avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) ...
6 years ago
CVE-2006-1281 - Cross-site scripting (XSS) vulnerability in member.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to inject arbitrary web script or HTML via the url parameter, a different vulnerability than CVE-2006-1272. NOTE: 1.10 was later reported ...
6 years ago
CVE-2010-1281 - iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) ...
1 year ago
CVE-2003-1281 - cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain temporary files. ...
16 years ago
CVE-2001-1281 - Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web form. ...
16 years ago
CVE-2009-1281 - Cross-site scripting (XSS) vulnerability in glFusion before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
15 years ago
CVE-2014-1281 - Photos Backend in Apple iOS before 7.1 does not properly manage the asset-library cache during deletions, which allows physically proximate attackers to obtain sensitive photo data by launching the Photos app and looking under a transparent image. ...
10 years ago
CVE-2002-1281 - Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL. ...
8 years ago
CVE-2016-1281 - Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via ...
7 years ago
CVE-2004-1281 - The ftp_retr function in junkie 0.3.1 allows remote malicious FTP servers to overwrite arbitrary files via .. (dot dot) sequences in a filename. ...
7 years ago
CVE-2007-1281 - Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during ...
7 years ago
CVE-1999-1281 - Development version of Breeze Network Server allows remote attackers to cause the system to reboot by accessing the configbreeze CGI program. ...
7 years ago
CVE-2018-1281 - The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLC_PS_ROOT_URI and DMLC_PS_ROOT_PORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on ...
6 years ago
CVE-2008-1281 - Directory traversal vulnerability in TFTPsrvs.exe 2.5.3.1 and earlier, as used in Argon Technology Client Management Services (CMS) 1.31 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. ...
6 years ago
CVE-2015-1281 - core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image ...
6 years ago
CVE-2017-1281 - IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus ...
5 years ago
CVE-2011-1281 - The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not ...
4 years ago
CVE-2013-1281 - The NFS server in Microsoft Windows Server 2008 R2 and R2 SP1 and Server 2012 allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via an attempted renaming of a file or folder located on a read-only share, aka ...
4 years ago
CVE-2020-1281 - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'. ...
3 years ago
CVE-2022-1281 - The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST['filter_tag'] parameter, which is appended to an SQL query, making SQL Injection attacks possible. ...
2 years ago
CVE-2021-1281 - A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system as the root user. This vulnerability is due to the way the software handles concurrent CLI ...
2 years ago
CVE-2023-1281 - Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is ...
1 year ago
CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago
CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
16 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)