Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2631 | Input Validation vulnerability in phpMyAdmin Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name. | 7.5 |
| 2004-12-31 | CVE-2004-2630 | Remote Command Execution vulnerability in phpMyAdmin The MIME transformation system (transformations/text_plain__external.inc.php) in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors. | 7.5 |
| 2004-12-31 | CVE-2004-2629 | Denial-Of-Service vulnerability in Conference Server Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Meet Express (when used with H.323 conferencing endpoints), Click to Meet Premier, Conference Server, and V-Gate allow remote attackers to cause a denial of service, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | 7.8 |
| 2004-12-31 | CVE-2004-2628 | Directory Traversal vulnerability in Acme Labs Thttpd 2.0.7Beta0.4 Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote attackers to read arbitrary files via a URL that contains (1) a hex-encoded backslash dot-dot sequence ("%5C..") or (2) a drive letter (such as "C:"). | 5.0 |
| 2004-12-31 | CVE-2004-2627 | Remote Security vulnerability in Java 2 Micro Edition Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code. | 10.0 |
| 2004-12-31 | CVE-2004-2626 | Unspecified vulnerability in Siemens S55 09.2179 GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message. | 3.7 |
| 2004-12-31 | CVE-2004-2625 | HTML Injection vulnerability in Outblaze Webmail Cross-site scripting (XSS) vulnerability in Outblaze Email allows remote attackers to inject arbitrary web script or HTML via Javascript in an attribute of an IMG tag. | 5.1 |
| 2004-12-31 | CVE-2004-2624 | Cross-Site Scripting vulnerability in Wackowiki R3/R3.5 Cross-site scripting (XSS) vulnerability in "TextSearch" in WackoWiki 3.5 allows remote attackers to inject arbitrary web script or HTML via the "phrase" parameter. network wackowiki | 4.3 |
| 2004-12-31 | CVE-2004-2623 | Remote Security vulnerability in Rippy The Aggregator Unknown vulnerability in Rippy the Aggregator before 0.10, when register_globals is enabled, has unknown attack vectors and impact, possibly related to the "user-controlled filter." | 10.0 |
| 2004-12-31 | CVE-2004-2622 | Remote Command Execution vulnerability in Altiris Deployment Server AClient.exe in Altiris Deployment Solution 6.x and 5.x does not require authentication from the first Deployment Server that it connects to, which allows remote malicious servers to gain administrator access. | 10.0 |