Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2685 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Youngzsoft Ccproxy Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416. | 7.5 |
| 2004-12-31 | CVE-2004-2684 | Local Security vulnerability in Intersystems Cache Database 5 Unspecified vulnerability in the %template package in InterSystems Cache' 5.0 allows attackers to access certain files on a server, including (1) cache.key and (2) cache.dat, related to .csp files under (a) Dev\studio\templates and (b) Devuser\studio\templates. | 2.1 |
| 2004-12-31 | CVE-2004-2683 | Local Security vulnerability in Intersystems Cache 5 Unspecified vulnerability in the %XML.Utils.SchemaServer class in InterSystems Cache' 5.0 allows attackers to access arbitrary files on a server. | 2.1 |
| 2004-12-31 | CVE-2004-2682 | Cross-Site Scripting vulnerability in MatrixSSL PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which allows context-dependent attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal), a related issue to CVE-2003-0147. network peersec-networks | 5.8 |
| 2004-12-31 | CVE-2004-2681 | Cross-Site Scripting vulnerability in MatrixSSL PeerSec MatrixSSL before 1.1 caches session keys for an indefinitely long time, which might make it easier for remote attackers to hijack a session. | 7.5 |
| 2004-12-31 | CVE-2004-2679 | Information Disclosure vulnerability in Checkpoint Firewall-1 4.0/4.1/R55 Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information. | 7.8 |
| 2004-12-31 | CVE-2004-2678 | IPsec/IKE Remote Privilege Escalation vulnerability in HP Tru64 5.1A/5.1Bp3Kbl24/5.1Bpk2Bl22 Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors. | 5.1 |
| 2004-12-31 | CVE-2004-2677 | Remote Format String vulnerability in Qwikmail Smtp 0.3 Format string vulnerability in qwik-smtpd.c in QwikMail SMTP (qwik-smtpd) 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the (1) clientRcptTo array, and the (2) Received and (3) messageID variables, possibly involving HELO and hostname arguments. | 7.5 |
| 2004-12-31 | CVE-2004-2676 | Local Security vulnerability in Webroot Software SPY Sweeper Enterprise 1.5.1Build3698 The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges. | 7.2 |
| 2004-12-31 | CVE-2004-2675 | Multiple vulnerability in ArGoSoft FTP Server ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corrupted. | 6.8 |