Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2345 | Security vulnerability in Oracle9i Database Server Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information. | 6.5 |
| 2004-12-31 | CVE-2004-2344 | Remote H.225 Denial Of Service vulnerability in Vocaltec Vgw120 Telephony Gateway and Vgw480 Telephony Gateway Unknown vulnerability in the ASN.1/H.323/H.225 stack of VocalTec VGW120 and VGW480 allows remote attackers to cause a denial of service. | 5.0 |
| 2004-12-31 | CVE-2004-2342 | Remote Denial of Service vulnerability in ChatterBox ChatterBox 2.0 allows remote attackers to cause a denial of service (server crash) via a malformed request to the server, as demonstrated using "aaaaaa". | 5.0 |
| 2004-12-31 | CVE-2004-2341 | Remote Security vulnerability in iSearch PHP file include injection vulnerability in isearch.inc.php for iSearch allows remote attackers to execute arbitrary code via the isearch_path parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2340 | Remote SQL Injection vulnerability in PunkBuster Database ** UNVERIFIABLE ** SQL injection vulnerability in PunkBuster Screenshot Database (PB-DB) Alpha 6 allows remote attackers to execute arbitrary SQL commands via the username and password fields of the login form. | 7.5 |
| 2004-12-31 | CVE-2004-2338 | Unspecified vulnerability in Openbsd 3.3/3.4 OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions. | 7.5 |
| 2004-12-31 | CVE-2004-2337 | Unspecified vulnerability in Inlook The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials. | 2.1 |
| 2004-12-31 | CVE-2004-2336 | Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server. | 5.0 |
| 2004-12-31 | CVE-2004-2335 | Local Privilege Escalation vulnerability in Macromedia Contribute and Studio The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program. | 7.2 |
| 2004-12-31 | CVE-2004-2334 | Multiple vulnerability in Emumail EMU Webmail 5.2.7 Multiple cross-site scripting (XSS) vulnerabilities in EMU Webmail 5.2.7 allow remote attackers to inject arbitrary web script or HTML via (1) a hex-encoded value to the variable parameter in emumail.fcgi, (2) the folder parameter in emumail.fcgi, or Javascript in the (3) username or (4) password field in the login page. network emumail | 4.3 |