CVE-2005-1868

I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension.

Publication date: Thu, 09 Jun 2005 09:00:00 +0000

Cyber News related to CVE-2005-1868

CVE-2005-1868 - I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension. ...
8 months ago

CVE-2015-5470 - The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3 and Authoritative (Auth) Server before 3.3.3 and 3.4.x before 3.4.5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a ...
8 years ago

CVE-2021-1868 - A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local attacker may be able ...
3 years ago

CVE-2002-1868 - Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields. ...
16 years ago

CVE-2010-1868 - The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, ...
14 years ago

CVE-2015-1868 - The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU ...
7 years ago

CVE-2004-1868 - Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 allows remote attackers to execute arbitrary code via a long STREAMQUOTE tag. ...
7 years ago

CVE-2007-1868 - The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service ...
7 years ago

CVE-2014-1868 - Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack. <a ...
7 years ago

CVE-2013-1868 - Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser. ...
7 years ago

CVE-2008-1868 - admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql file that contains sensitive information. ...
7 years ago

CVE-2009-1868 - Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors ...
7 years ago

CVE-2012-1868 - Race condition in the thread-creation implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application, aka "Win32k.sys Race Condition Vulnerability." ...
6 years ago

CVE-2006-1868 - Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln# DB03. ...
5 years ago

CVE-2011-1868 - The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate fields in DFS responses, which allows remote DFS servers to execute arbitrary code via a crafted response, aka ...
5 years ago

CVE-2019-1868 - A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. The vulnerability is due to improper access control to files within the ...
4 years ago

CVE-2022-1868 - Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. ...
1 year ago

CVE-2023-1868 - The YourChannel plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check when clearing the plugin cache via the yrc_clear_cache GET parameter in versions up to, and including, 1.2.3. This makes it possible for ...
1 year ago

CVE-2017-1868 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
54 years ago Tenable.com

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago

CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
16 years ago

CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
10 months ago

CVE-2005-0068 - The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) ...
16 years ago

CVE-2005-4531 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3345. Reason: This candidate is a duplicate of CVE-2005-3345. CVE-2005-3345 had already been assigned, but not published, before this candidate was created. Notes: All CVE users ...
54 years ago Tenable.com

CVE-2005-3122 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3424, CVE-2005-3425. Reason: this candidate was intended for one issue, but two different authoritative sources used it for two distinct issues. Notes: All CVE users should ...
54 years ago Tenable.com

Latest Cyber News

CVE-2023-27987 - 1 minute ago
CVE-2023-3292 - 7 hours ago
CVE-2022-4888 - 7 hours ago
CVE-2022-47501 - 7 hours ago
CVE-2010-3243 - 7 hours ago
CVE-2010-1896 - 7 hours ago
CVE-2010-3941 - 7 hours ago
CVE-2010-0820 - 7 hours ago
CVE-2011-0029 - 7 hours ago
CVE-2024-48924 - 7 hours ago
CVE-2024-48911 - 7 hours ago
CVE-2024-9687 - 7 hours ago
CVE-2024-6757 - 7 hours ago
CVE-2024-30117 - 8 hours ago
CVE-2024-9953 - 8 hours ago
CVE-2024-45461 - 8 hours ago
CVE-2024-9895 - 8 hours ago
CVE-2024-9944 - 8 hours ago
CVE-2024-21535 - 8 hours ago
CVE-2023-1215 - 8 hours ago

Cyber Trends (last 7 days)

Okta - 10 months ago
23andMe - 10 months ago
Kimsuky - 10 months ago
LogoFAIL - 10 months ago
Gh0st rat - 10 months ago

Trending Cyber News (last 7 days)

CVE-2024-48924 - 7 hours ago
CVE-2024-47522 - 1 day ago
CVE-2024-47836 - 1 day ago
CVE-2024-28988 - 1 day ago
CVE-2005-10003 - 14 hours ago
CVE-2024-49315 - 14 hours ago
CVE-2024-6333 - 14 hours ago
CVE-2018-25104 - 12 hours ago
CVE-2024-10071 - 12 hours ago
CVE-2024-9414 - 12 hours ago
CVE-2024-43997 - 10 hours ago
CVE-2024-47304 - 10 hours ago
CVE-2024-47312 - 10 hours ago
CVE-2024-49217 - 10 hours ago
CVE-2024-49219 - 10 hours ago
CVE-2024-49220 - 10 hours ago
CVE-2024-49221 - 10 hours ago
CVE-2024-49223 - 10 hours ago
CVE-2024-49229 - 10 hours ago
CVE-2024-49235 - 10 hours ago