Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2497 | Cross-Site Scripting and Information Disclosure vulnerability in Hitachi Web Page Generator Cross-site scripting (XSS) vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. network hitachi | 4.3 |
| 2004-12-31 | CVE-2004-2496 | Remote Denial Of Service vulnerability in OpenText FirstClass HTTP Daemon Search Function The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service (service availability loss) via a large number of POST requests to /Search. | 7.8 |
| 2004-12-31 | CVE-2004-2495 | Multiple vulnerability in Code-Crafters Ability Mail Server 1.18 The (1) Webmail, (2) admin, and (3) SMTP services in Ability Mail Server 1.18 allow remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous connections to the service. | 7.8 |
| 2004-12-31 | CVE-2004-2494 | Multiple vulnerability in Code-Crafters Ability Mail Server Cross-site scripting (XSS) vulnerability in _error in Ability Mail Server 1.18 allows remote attackers to inject arbitrary web script or HTML via the erromsg parameter. network code-crafters | 4.3 |
| 2004-12-31 | CVE-2004-2493 | Cross-Site Scripting And Directory Traversal vulnerability in Hitachi products Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter. | 4.0 |
| 2004-12-31 | CVE-2004-2492 | Cross-Site Scripting And Directory Traversal vulnerability in Groupmax World Wide Web Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter. network hitachi | 4.3 |
| 2004-12-31 | CVE-2004-2491 | Race Condition vulnerability in Opera Browser A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks. | 2.6 |
| 2004-12-31 | CVE-2004-2490 | Local Privilege Escalation vulnerability in IBM products Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.xC1 and 9.40.xC2 allows local users to execute arbitrary code via a long GL_PATH environment variable. | 4.6 |
| 2004-12-31 | CVE-2004-2489 | Local Privilege Escalation vulnerability in IBM Informix Format string vulnerability in IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to execute arbitrary code via a modified INFORMIXDIR environment variable that points to a file with format string specifiers in the filename. | 4.6 |
| 2004-12-31 | CVE-2004-2486 | Authentication vulnerability in Dropbear SSH Server Digital Signature Standard The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access. | 7.5 |