Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2728 | Buffer Errors vulnerability in Hummingbird Connectivity 7.1/9.0 Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command. | 3.5 |
| 2004-12-31 | CVE-2004-2727 | Buffer Errors vulnerability in Mailenable 1.5/1.6/1.7 Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request. | 4.3 |
| 2004-12-31 | CVE-2004-2726 | Denial-Of-Service vulnerability in Mailenable 1.18 HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). | 5.0 |
| 2004-12-31 | CVE-2004-2725 | Cross-Site Scripting vulnerability in Aztek Forum Aztek Forum 4.0 Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in (c) forum_2.php. | 4.3 |
| 2004-12-31 | CVE-2004-2724 | Improper Authentication vulnerability in Lionmax Software Chat Anywhere 2.72A LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character. | 7.1 |
| 2004-12-31 | CVE-2004-2723 | Credentials Management vulnerability in Nessus Nessuswx 1.4.4 NessusWX 1.4.4 stores account passwords in plaintext in .session files, which allows local users to obtain passwords. | 2.1 |
| 2004-12-31 | CVE-2004-2721 | Cryptographic Issues vulnerability in Heiko Stamer Openskat The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key and decrypt messages. | 4.3 |
| 2004-12-31 | CVE-2004-2720 | Cross-Site Scripting vulnerability in Snitz Communications Snitz Forums 2000 Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter. | 4.3 |
| 2004-12-31 | CVE-2004-2719 | Buffer Errors vulnerability in Foxmail 5.0.300 Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5.0.300 allows remote attackers to execute arbitrary code via a mail message with a long From field, a different issue than CVE-2005-0339. | 6.8 |
| 2004-12-31 | CVE-2004-2718 | Permissions, Privileges, and Access Controls vulnerability in PHP Heaven PHPmychat 0.14.5 PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request. | 4.3 |