CVE-2005-1598

CVE-2005-1598 - SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable. ...
8 years ago

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
17 years ago

CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
17 years ago

CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
2 years ago

CVE-2005-0068 - The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) ...
17 years ago

CVE-2005-4531 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3345. Reason: This candidate is a duplicate of CVE-2005-3345. CVE-2005-3345 had already been assigned, but not published, before this candidate was created. Notes: All CVE users ...
56 years ago Tenable.com

CVE-2005-3122 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3424, CVE-2005-3425. Reason: this candidate was intended for one issue, but two different authoritative sources used it for two distinct issues. Notes: All CVE users should ...
56 years ago Tenable.com

CVE-2005-2965 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4802, CVE-2005-4803. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should ...
56 years ago Tenable.com

CVE-2005-2937 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3663, CVE-2005-3664. Reason: this candidate was intended for one issue, but multiple advisories used this candidate for different issues. Notes: All CVE users should consult ...
56 years ago Tenable.com

CVE-2005-2802 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2872, CVE-2005-2873. Reason: this candidate's description originally combined two separate issues. Notes: All CVE users should consult CVE-2005-2872 and CVE-2005-2873 to ...
56 years ago Tenable.com

CVE-2005-2355 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2335, CVE-2005-2356. Reason: due to a typo in an advisory, this candidate was accidentally referenced. Notes: All CVE users should consult CVE-2005-2335 and CVE-2005-2356 to ...
56 years ago Tenable.com

CVE-2007-1598 - Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by filecopa.tar by Immunity. NOTE: some of these details are obtained from third party ...
8 years ago

CVE-2009-1598 - Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions ...
4 years ago

CVE-2008-1598 - The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges to read arbitrary kernel memory and obtain sensitive information via unspecified vectors. ...
14 years ago

CVE-2012-1598 - Joomla! 1.5.x before 1.5.26 has unspecified impact and attack vectors related to "insufficient randomness" and a "password reset vulnerability." ...
13 years ago

CVE-2015-1598 - The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device filesystem. ...
10 years ago

CVE-2016-1598 - XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages. ...
9 years ago

CVE-2004-1598 - Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory. ...
8 years ago

CVE-2010-1598 - phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ImageMagick is installed, allows remote attackers to execute arbitrary commands via the fltr[] parameter, as discovered in the wild in April 2010. NOTE: the provenance of this ...
8 years ago

CVE-2003-1598 - SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable. ...
8 years ago

CVE-2006-1598 - AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension. ...
7 years ago

CVE-2017-1598 - IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 132611. ...
6 years ago

CVE-2014-1598 - centurystar 7.12 ActiveX Control has a Stack Buffer Overflow ...
5 years ago

CVE-2013-1598 - A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code. ...
5 years ago

CVE-2002-1598 - Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earlier may allow local users to execute arbitrary code via long command line arguments to (1) mlclear or (2) mllock. ...
4 years ago