CVE-2005-2346

CVE-2005-2346 - Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section. ...
2 years ago

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
17 years ago

CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
17 years ago

CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
2 years ago

CVE-2005-0068 - The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) ...
17 years ago

CVE-2005-4531 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3345. Reason: This candidate is a duplicate of CVE-2005-3345. CVE-2005-3345 had already been assigned, but not published, before this candidate was created. Notes: All CVE users ...
56 years ago Tenable.com

CVE-2005-3122 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3424, CVE-2005-3425. Reason: this candidate was intended for one issue, but two different authoritative sources used it for two distinct issues. Notes: All CVE users should ...
56 years ago Tenable.com

CVE-2005-2965 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4802, CVE-2005-4803. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should ...
56 years ago Tenable.com

CVE-2005-2937 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3663, CVE-2005-3664. Reason: this candidate was intended for one issue, but multiple advisories used this candidate for different issues. Notes: All CVE users should consult ...
56 years ago Tenable.com

CVE-2005-2802 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2872, CVE-2005-2873. Reason: this candidate's description originally combined two separate issues. Notes: All CVE users should consult CVE-2005-2872 and CVE-2005-2873 to ...
56 years ago Tenable.com

CVE-2005-2355 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2335, CVE-2005-2356. Reason: due to a typo in an advisory, this candidate was accidentally referenced. Notes: All CVE users should consult CVE-2005-2335 and CVE-2005-2356 to ...
56 years ago Tenable.com

CVE-2012-2346 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-5101. Reason: This candidate is a duplicate of CVE-2010-5101. Notes: All CVE users should reference CVE-2010-5101 instead of this candidate. All references and descriptions in ...
56 years ago Tenable.com

CVE-2009-2346 - The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and ...
7 years ago

CVE-2002-2346 - phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses. ...
17 years ago

CVE-2014-2346 - COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through 7.11 SP0 build 10238 and zenon DNP3 Process Gateway (DNP3 outstation) 7.11 SP0 build 10238 and earlier allow physically proximate attackers to cause a denial of service (infinite loop ...
11 years ago

CVE-2016-2346 - Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream. ...
9 years ago

CVE-2015-2346 - XML external entity (XXE) vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote authenticated users to read arbitrary files via the req parameter. <a ...
9 years ago

CVE-2004-2346 - Multiple cross-site scripting (XSS) vulnerabilities in Forum Web Server 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the Subject field in post1.htm and (2) the File Description field in postfile2.htm. ...
8 years ago

CVE-2006-2346 - vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP. ...
8 years ago

CVE-2008-2346 - AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administrative access by creating an admin account via a direct request to adduser.php. ...
8 years ago

CVE-2007-2346 - Multiple PHP remote file inclusion vulnerabilities in PHP-Generics 1.0 beta allow remote attackers to execute arbitrary PHP code via a URL in the _APP_RELATIVE_PATH parameter to (1) include.php, (2) dbcommon/include.php, and (3) ...
8 years ago

CVE-2019-2346 - Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, ...
6 years ago

CVE-2013-2346 - Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1870. ...
6 years ago

CVE-2017-2346 - An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG). Repeated crashes of the Service PC can result in an extended denial of service condition. The issue can be seen only if NAT ...
6 years ago

CVE-2011-2346 - Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG fonts. ...
5 years ago