Vulnerabilities

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendor | Risk |
|---|---|---|---|---|---|---|---|
| 2004-12-31 | CVE-2004-2312 | Local Buffer Overflow vulnerability in IBM AIX 4.3.3 | Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. | local | low complexity | ibm | 7.2 |
| 2004-12-31 | CVE-2004-2311 | Directory Traversal vulnerability in IBM Lotus Domino 6.5.1 | Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. | local | low complexity | ibm | 3.6 |
| 2004-12-31 | CVE-2004-2310 | Cross-Site Scripting vulnerability in IBM Lotus Domino 6.5.1 | Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows remote attackers to inject arbitrary web script or HTML via a Domino command in the Quick Console. | network | | ibm | 4.3 |
| 2004-12-31 | CVE-2004-2309 | Remote Information Disclosure vulnerability in Crob FTP Server 3.5.1 | Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to browse outside the FTP root via multiple ../ (dot dot slash) in the DIR command. | local | low complexity | crob | 2.1 |
| 2004-12-31 | CVE-2004-2308 | Cross-Site Scripting vulnerability in cPanel dir Parameter | Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html. | network | | cpanel | 4.3 |
| 2004-12-31 | CVE-2004-2307 | Unspecified vulnerability in Microsoft Internet Explorer and Windows XP | Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote attackers to cause a denial of service (browser crash) via a shell: URI with double backslashes (\\) in an HTML tag such as IFRAME or A. | network | low complexity | microsoft | 5.0 |
| 2004-12-31 | CVE-2004-2306 | Unspecified vulnerability in SUN Solaris and Sunos | Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection. | local | low complexity | sun | 4.6 |
| 2004-12-31 | CVE-2004-2305 | Unspecified vulnerability in Broadcom Etrust Antivirus EE 6.0/7.0 | Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows remote attackers to bypass virus scanning by including a password-protected file in a ZIP file, which causes eTrust to scan only the password protected file and skip the other files. | network | low complexity | broadcom | 5.0 |
| 2004-12-31 | CVE-2004-2304 | Remote Boundary Condition Error vulnerability in Cerulean Studios Trillian and Trillian PRO | Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. | network | low complexity | cerulean-studios | 7.5 |
| 2004-12-31 | CVE-2004-2303 | Privilege Escalation vulnerability in MTools MFormat | MTools Mformat before 3.9.9, when installed setuid root, creates files with world-readable and world-writable permissions, which allows local users to read and overwrite files. | local | low complexity | mtools | 3.6 |