CyberSecurityBoard
Sponsor Register Login

CVE-2005-4803

graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different issues. This is the correct identifier. This vulnerability is addressed in the following product release: Graphviz, Graphviz, 2.2.1

Publication date: Sat, 31 Dec 2005 11:00:00 +0000


Cyber News related to CVE-2005-4803

CVE-2005-2965 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4802, CVE-2005-4803. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should ...
54 years ago Tenable.com
CVE-2005-4803 - graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different ...
6 years ago
CVE-2007-4803 - Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers to execute arbitrary code via long strings in file and title fields in a .pls file, as demonstrated by the (1) File1 and (2) Title1 fields, different vectors than CVE-2006-6287 ...
7 years ago
CVE-2015-4911 - Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893. ...
2 years ago
CVE-2015-4893 - Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911. ...
2 years ago
CVE-2015-4803 - Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911. ...
2 years ago
CVE-2020-4803 - IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189535. ...
3 years ago
CVE-2009-4803 - SQL injection vulnerability in the Accessibility Glossary (a21glossary) extension 0.4.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. A fix for this vulnerability was included in 0.4.11. ...
14 years ago
CVE-2010-4803 - Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors. ...
13 years ago
CVE-2011-4803 - SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. ...
12 years ago
CVE-2016-4803 - CRLF injection vulnerability in the send email functionality in dotCMS before 3.3.2 allows remote attackers to inject arbitrary email headers via CRLF sequences in the subject. <a ...
8 years ago
CVE-2008-4803 - Cross-site scripting (XSS) vulnerability in index.php in Simple PHP Scripts gallery 0.1, 0.3, and 0.4 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. NOTE: the provenance of this information is unknown; the ...
7 years ago
CVE-2014-4803 - CRLF injection vulnerability in the Universal Access implementation in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix007, and 6.0.5 before 6.0.5.5 iFix003, when WebSphere Application Server is not used, allows ...
7 years ago
CVE-2006-4803 - The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection." ...
6 years ago
CVE-2022-4803 - Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. ...
1 year ago
CVE-2018-4803 - ** REJECT ** This candidate is unused by its CNA. ...
1 year ago
CVE-2023-4803 - A reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console ...
1 year ago
CVE-2012-4803 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none ...
54 years ago Tenable.com
CVE-2013-4803 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none ...
54 years ago Tenable.com
CVE-2017-4803 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
54 years ago Tenable.com
CVE-2024-4803 - A vulnerability was found in Kashipara College Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file submit_admin.php. The manipulation of the argument phone leads to sql ...
7 months ago Tenable.com
CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago
CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
16 years ago
CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
1 year ago
CVE-2005-0068 - The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) ...
16 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)