Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-02-08 | CVE-2004-1244 | Unspecified vulnerability in Microsoft Windows Media Player 9 Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability." | 7.5 |
2004-02-07 | CVE-2004-2090 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist. | 5.0 |
2004-02-07 | CVE-2004-2084 | Cross-Site Scripting vulnerability in JShop E-Commerce Suite xSearch Cross-site scripting (XSS) vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbitrary web script or HTML via the xSearch parameter. network jshop-e-commerce | 4.3 |
2004-02-06 | CVE-2004-2089 | Matrix FTP Server allows remote attackers to cause a denial of service (crash) by logging in using four spaces as the username and password and then issuing a LIST command. | 5.0 |
2004-02-06 | CVE-2004-2086 | Buffer Overflow vulnerability in Sambar Server 6.0 Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter. | 5.0 |
2004-02-06 | CVE-2004-2073 | Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command. | 7.2 |
2004-02-04 | CVE-2004-2085 | HTML Injection vulnerability in Brad Fears PHPCodeCabinet comments.php Multiple cross-site scripting (XSS) vulnerabilities in Brad Fears phpCodeCabinet 0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) the sid parameter to comments.php, (2) the cid, cf, or rfd parameters to category.php, or the cid parameter to (3) input.php, (4) browse.php, (5) themes/facade/header.php, or (6) themes/phpcc/header.php. network brad-fears | 4.3 |
2004-02-03 | CVE-2004-1082 | mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | 7.5 |
2004-02-03 | CVE-2004-0046 | Cross-Site Scripting vulnerability in SnapStream PVS Lite Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script or HTML via a GET request containing a terminating '"' (double quote) character. network snapstream | 4.3 |
2004-02-03 | CVE-2004-0045 | Buffer Overrun vulnerability in ISC INN 2.4.0 Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. | 7.5 |