Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-1199 | Denial Of Service vulnerability in Apple Safari Web Browser Infinite Array Sort Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | 5.0 |
| 2005-01-10 | CVE-2004-1197 | Cross-Site Scripting vulnerability in InShop and InMail Cross-site scripting (XSS) vulnerability in inshop.pl in Insite inShop allows remote attackers to inject arbitrary web script or HTML via the screen parameter. network insite | 6.8 |
| 2005-01-10 | CVE-2004-1196 | Cross-Site Scripting vulnerability in InShop and InMail Cross-site scripting (XSS) vulnerability in inmail.pl in Insite Inmail allows remote attackers to inject arbitrary web script or HTML via the acao parameter. network insite | 6.8 |
| 2005-01-10 | CVE-2004-1195 | Remote Denial Of Service vulnerability in Lucasarts Star Wars Battlefront 1.11 Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a join request that contains a memory address that causes the server to read arbitrary memory. | 5.0 |
| 2005-01-10 | CVE-2004-1194 | Remote Denial Of Service vulnerability in Lucasarts Star Wars Battlefront 1.11 Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a long nickname. | 5.0 |
| 2005-01-10 | CVE-2004-1193 | Permissions, Privileges, and Access Controls vulnerability in Prevx Home 1.0 Prevx Home 1.0 allows local users with administrator privileges to bypass the intrusion prevention features by directly writing to \device\physicalmemory, which restores the running kernel's original SDT ServiceTable. | 6.6 |
| 2005-01-10 | CVE-2004-1192 | Remote Security vulnerability in Citadel/UX Format string vulnerability in the lprintf function in Citadel/UX 6.27 and earlier allows remote attackers to execute arbitrary code via format string specifiers sent to the server. | 10.0 |
| 2005-01-10 | CVE-2004-1191 | Local Security vulnerability in Linux 8.1/9.2 Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages." | 1.2 |
| 2005-01-10 | CVE-2004-1190 | Unspecified vulnerability in Suse Linux 8.1/8.2/9.0 SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices. | 2.1 |
| 2005-01-10 | CVE-2004-1188 | The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187. | 10.0 |