CVE-2005-3448

Unspecified vulnerability in the OC4J Module in Oracle Application Server 9.0 up to 10.1.2.0.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS01.

Publication date: Wed, 02 Nov 2005 17:03:00 +0000

Cyber News related to CVE-2005-3448

CVE-2023-22400 - An Uncontrolled Resource Consumption vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When a ...
2 years ago

CVE-2006-3448 - Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a long Syllabus string in crafted bookmark link files (cbo, ...
6 years ago

CVE-2005-3448 - Unspecified vulnerability in the OC4J Module in Oracle Application Server 9.0 up to 10.1.2.0.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS01. ...
12 years ago

CVE-2023-3448 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
2 days ago Tenable.com

CVE-2024-3448 - Users with low privileges can perform certain AJAX actions. In this vulnerability instance, improper access to ajax?action=plugin:focus:checkIframeAvailability leads to a Server-Side Request Forgery by analyzing the error messages returned from the ...
10 months ago Tenable.com

CVE-2011-3448 - Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. ...
13 years ago

CVE-2013-3448 - Cisco WebEx Meetings Server does not check whether a user account is active, which allows remote authenticated users to bypass intended access restrictions by performing meeting operations after account deactivation, aka Bug ID CSCuh33315. ...
8 years ago

CVE-2015-3448 - REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log. ...
8 years ago

CVE-2009-3448 - npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a ...
1 year ago

CVE-2016-3448 - Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect confidentiality and integrity via unknown vectors. ...
7 years ago

CVE-2007-3448 - Cross-site scripting (XSS) vulnerability in index.php in BugMall Shopping Cart 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the msgs parameter. NOTE: 4.0.2 and other versions might also be affected. ...
7 years ago

CVE-2012-3448 - Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors. ...
6 years ago

CVE-2008-3448 - Cross-site scripting (XSS) vulnerability in index.php in common solutions csphonebook 1.02 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. ...
6 years ago

CVE-2014-3448 - BSS Continuity CMS 4.2.22640.0 has a Remote Code Execution vulnerability due to unauthenticated file upload ...
5 years ago

CVE-2020-3448 - A vulnerability in an access control mechanism of Cisco Cyber Vision Center Software could allow an unauthenticated, remote attacker to bypass authentication and access internal services that are running on an affected device. The vulnerability is ...
4 years ago

CVE-2021-3448 - A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by ...
2 years ago

CVE-2010-3448 - drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 on ThinkPad devices, when the X.Org X server is used, does not properly restrict access to the video output control state, which allows local users to cause a denial of service ...
1 year ago

CVE-2022-3448 - Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: ...
1 year ago

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago

CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
16 years ago

CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
1 year ago

CVE-2005-0068 - The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) ...
16 years ago

CVE-2005-4531 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3345. Reason: This candidate is a duplicate of CVE-2005-3345. CVE-2005-3345 had already been assigned, but not published, before this candidate was created. Notes: All CVE users ...
55 years ago Tenable.com

CVE-2005-3122 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3424, CVE-2005-3425. Reason: this candidate was intended for one issue, but two different authoritative sources used it for two distinct issues. Notes: All CVE users should ...
55 years ago Tenable.com

CVE-2005-2965 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4802, CVE-2005-4803. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should ...
55 years ago Tenable.com

Latest Cyber News

BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 17 minutes ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 2 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 3 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 4 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 4 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 4 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 7 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 7 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 7 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 8 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 9 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 11 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 11 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 11 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 11 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 13 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 13 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 13 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 13 hours ago
CVE-2025-1207 - 14 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 17 minutes ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 2 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 3 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 4 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 4 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 4 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 7 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 7 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 7 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 8 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 9 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 11 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 13 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 13 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 11 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 11 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 13 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 13 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 11 hours ago
CVE-2023-40721 - 1 day ago