Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2225 | Unspecified vulnerability in Mozilla Firefox Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button. | 5.0 |
| 2004-12-31 | CVE-2004-2224 | Denial-Of-Service vulnerability in Appfoundry Message Foundry 2.75.0003 Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1. | 5.0 |
| 2004-12-31 | CVE-2004-2223 | Input Validation vulnerability in FsPHPGallery FsPHPGallery before 1.2 allows remote attackers to cause a denial of service via an image with a large size attribute, which causes a crash when the server attempts to resize the image. | 5.0 |
| 2004-12-31 | CVE-2004-2221 | Buffer Overflow vulnerability in Mercantec Softcart 4.00B Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request. | 7.5 |
| 2004-12-31 | CVE-2004-2220 | Unspecified vulnerability in F-Secure Anti-Virus 6.30/6.30Sr1/6.31 F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection. | 5.0 |
| 2004-12-31 | CVE-2004-2219 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. | 2.6 |
| 2004-12-31 | CVE-2004-2218 | SQL Injection vulnerability in PHPMyWebHosting SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2217 | Remote Denial Of Service vulnerability in yChat Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | 5.0 |
| 2004-12-31 | CVE-2004-2216 | Remote Denial Of Service vulnerability in SUN products Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate. | 5.0 |
| 2004-12-31 | CVE-2004-2215 | Unspecified vulnerability in Marc Lehmann Rxvt-Unicode 3.4/3.5 RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges. | 4.6 |