CVE-2005-1283

Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367.

Publication date: Fri, 22 Apr 2005 09:00:00 +0000


Cyber News related to CVE-2005-1283

CVE-2005-1283 - Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations ...
7 years ago
CVE-2016-4472 - The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists ...
1 year ago
CVE-2015-1283 - Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have ...
2 years ago
CVE-2015-2716 - Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to ...
1 year ago
CVE-2010-1283 - Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a modified field in a ...
2 years ago
CVE-2003-1283 - KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet Explorer (IE) local security zone, which could allow remote attackers to view local files and possibly execute arbitrary code. ...
16 years ago
CVE-2001-1283 - The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or ...
16 years ago
CVE-2002-1283 - Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote attackers to cause a denial of service via an authentication request with a long Distinguished Name (DN) attribute. ...
7 years ago
CVE-2004-1283 - Buffer overflow in the Mesh::type method in mesh.c for the mview program in Mesh Viewer 0.2.2 allows remote attackers to execute arbitrary code via crafted mesh files. ...
7 years ago
CVE-2006-1283 - opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root ...
7 years ago
CVE-2009-1283 - glFusion before 1.1.3 performs authentication with a user-provided password hash instead of a password, which allows remote attackers to gain privileges by obtaining the hash and using it in the glf_password cookie, aka "User Masquerading." ...
7 years ago
CVE-1999-1283 - Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag. ...
7 years ago
CVE-2008-1283 - Cross-site scripting (XSS) vulnerability in Neptune Web Server 3.0 allows remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in the 404 error page. ...
6 years ago
CVE-2011-1283 - The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has ...
5 years ago
CVE-2019-1283 - An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'. ...
5 years ago
CVE-2017-1283 - IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for other MQ applications. IBM X-Force ID: 125144. ...
5 years ago
CVE-2013-1283 - Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT ...
4 years ago
CVE-2021-1283 - A vulnerability in the logging subsystem of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to view sensitive information in a system log file that should be restricted. The vulnerability exists because sensitive ...
3 years ago
CVE-2018-1283 - In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the ...
3 years ago
CVE-2020-1283 - A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. ...
3 years ago
CVE-2022-1283 - NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash). ...
2 years ago
CVE-2016-1283 - The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the ...
2 years ago
CVE-2023-1283 - Code Injection in GitHub repository builderio/qwik prior to 0.21.0. ...
1 year ago
CVE-2014-1283 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none ...
54 years ago Tenable.com
CVE-2024-1283 - Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) ...
10 months ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)