Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-1220 | Games Remote Denial of Service vulnerability in Digital Illusions Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master server to cause a denial of service (client crash) via a server reply that contains a large numplayers value, which triggers a null dereference. | 5.0 |
| 2005-01-10 | CVE-2004-1219 | Unspecified vulnerability in PHP Arena Pafiledb 3.1 paFileDB 3.1, when using sessions authentication and while the administrator logs on, allows remote attackers to read the administrator's password hash and conduct brute force password guessing attacks by listing the contents of the sessions directory and reading the associated file for the administrator session. | 5.0 |
| 2005-01-10 | CVE-2004-1218 | Remote Execute Remote Denial of Service vulnerability in Ibex Software Remote Execute 2.3 Remote Execute 2.30 allows remote attackers to cause a denial of service (application crash) by making 7 simultaneous connections. | 5.0 |
| 2005-01-10 | CVE-2004-1217 | Unspecified vulnerability in Hosting Controller Hosting Controller 6.1/6.1Hotfix1.4 Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp. | 5.0 |
| 2005-01-10 | CVE-2004-1216 | Remote vulnerability in Burut Kreed 1.5 The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via a long (1) nickname or (2) model type, which generates dialog boxes on the server that must be manually handled before the server continues the game. | 5.0 |
| 2005-01-10 | CVE-2004-1215 | Remote vulnerability in Burut Kreed 1.5 Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which causes a "message too long" socket error. | 5.0 |
| 2005-01-10 | CVE-2004-1214 | Remote vulnerability in Burut Kreed 1.5 Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in (1) a nickname or (2) message text. | 10.0 |
| 2005-01-10 | CVE-2004-1213 | Cross-Site Scripting vulnerability in Advanced Guestbook Advanced Guestbook 2.2/2.3.1 Cross-site scripting (XSS) vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the entry parameter. network advanced-guestbook | 6.8 |
| 2005-01-10 | CVE-2004-1212 | Remote Directory Traversal vulnerability in Blog Torrent Blog Torrent Preview 0.8 Directory traversal vulnerability in btdownload.php in Blog Torrent preview 0.8 allows remote attackers to download arbitrary files via a .. | 5.0 |
| 2005-01-10 | CVE-2004-1211 | Buffer Errors vulnerability in David Harris Mercury 4.0.1A Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands. | 10.0 |