Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2465 | Cross-Site Scripting vulnerability in EFS Software Easy Chat Server 1.2 Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter. network efs-software | 4.3 |
2004-12-31 | CVE-2004-2462 | Symbolic Link vulnerability in Cplay 1.49 cplay 1.49 on Linux allows local users to overwrite arbitrary files via a symlink attack on the cplay_control temporary file. | 4.6 |
2004-12-31 | CVE-2004-2461 | Remote POP3 Protocol vulnerability in gnubiff Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code. | 7.5 |
2004-12-31 | CVE-2004-2460 | Remote POP3 Protocol vulnerability in gnubiff Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list. | 5.0 |
2004-12-31 | CVE-2004-2459 | Local Security vulnerability in gnubiff Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table. | 2.1 |
2004-12-31 | CVE-2004-2458 | Unspecified vulnerability in Open Webmail Open Webmail Open WebMail 2.30 and earlier, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote attackers to create arbitrary directories. | 5.0 |
2004-12-31 | CVE-2004-2457 | Remote Denial Of Service vulnerability in 3Com OfficeConnect ADSL Wireless 11g Firewall Router Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic. | 5.0 |
2004-12-31 | CVE-2004-2456 | Remote SQL Injection vulnerability in MiniBB SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action. | 7.5 |
2004-12-31 | CVE-2004-2455 | Unspecified vulnerability in Sweex Wireless Broadband Router Accesspoint 802.11G Lc000060 Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file. | 7.5 |
2004-12-31 | CVE-2004-2454 | Information Disclosure vulnerability in Amsn 0.90 aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml. | 2.1 |