CyberSecurityBoard
Sponsor Register Login

CVE-2005-2974

libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.

Publication date: Fri, 04 Nov 2005 06:02:00 +0000


Cyber News related to CVE-2005-2974

CVE-2005-2974 - libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference. ...
2 years ago
CVE-2009-2974 - Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote attackers to (1) cause a denial of service (application hang) via vectors involving a chromehtml: URI value for the document.location property or (2) cause a denial of service ...
1 year ago
CVE-2010-2974 - Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra ...
14 years ago
CVE-2014-2974 - Cross-site request forgery (CSRF) vulnerability in php/user_account.php in Silver Peak VX through 6.2.4 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts. ...
10 years ago
CVE-2015-2974 - LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file. ...
9 years ago
CVE-2017-8052 - Craft CMS before 2.6.2974 allows XSS attacks. ...
7 years ago
CVE-2006-2974 - Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errCode and (2) uid parameter in (a) default.asp and (3) dname parameter ...
7 years ago
CVE-2013-2974 - The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete ...
7 years ago
CVE-2016-2974 - IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the local machine of the user. IBM X-Force ID: 113934. ...
7 years ago
CVE-2008-2974 - Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter. ...
7 years ago
CVE-2012-2974 - The web interface on the SMC SMC8024L2 switch allows remote attackers to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) ...
7 years ago
CVE-2007-2974 - Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to execute arbitrary code via a crafted LZH archive file, resulting from an "integer cast around." ...
6 years ago
CVE-2017-2974 - Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. ...
5 years ago
CVE-2019-2974 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged ...
2 years ago
CVE-2023-2974 - A vulnerability was found in quarkus-core. This vulnerability occurs because the TLS protocol configured with quarkus.http.ssl.protocols is not enforced, and the client can force the selection of the weaker supported TLS protocol. ...
1 year ago
CVE-2011-2974 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none ...
55 years ago Tenable.com
CVE-2018-2974 - Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, ...
5 years ago
CVE-2020-2974 - Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...
4 years ago
CVE-2024-2974 - The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 5.9.13 via the load_more function. This can ...
10 months ago Tenable.com
CVE-2022-49018 - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 in_atomic(): 1, ...
4 months ago Tenable.com
CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago
CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
16 years ago
CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
1 year ago
CVE-2005-0068 - The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) ...
16 years ago
CVE-2005-4531 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3345. Reason: This candidate is a duplicate of CVE-2005-3345. CVE-2005-3345 had already been assigned, but not published, before this candidate was created. Notes: All CVE users ...
55 years ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)