Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2706 | Improper Input Validation vulnerability in Phrozensmoke Gyach Enhanced Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages. | 5.0 |
| 2004-12-31 | CVE-2004-2649 | Improper Input Validation vulnerability in Eudora 6.1.0.6 Eudora 6.1.0.6 allows remote attackers to obfuscate URLs displayed in the status bar by inserting a large number of characters (e.g. | 5.8 |
| 2004-12-31 | CVE-2004-2596 | Improper Input Validation vulnerability in ID Software Quake II Server 3.20/3.21 Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address. | 5.0 |
| 2004-12-31 | CVE-2004-2592 | Improper Input Validation vulnerability in ID Software Quake II Server 3.20/3.21 Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines. | 5.0 |
| 2004-12-31 | CVE-2004-2533 | Improper Input Validation vulnerability in Solarwinds Serv-U File Server 4.1.0.0 Serv-U FTP Server 4.1 (possibly 4.0) allows remote attackers to cause a denial of service (application crash) via a SITE CHMOD command with a "\\...\" followed by a short string, causing partial memory corruption, a different vulnerability than CVE-2004-2111. | 5.0 |
| 2004-12-31 | CVE-2004-1777 | Improper Input Validation vulnerability in Skype Technologies Skype 0.98.0.04 A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114. | 5.0 |
| 2004-12-31 | CVE-2004-1386 | Improper Input Validation vulnerability in Tiki Tikiwiki Cms/Groupware 1.6.1 TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200. | 7.5 |
| 2004-11-23 | CVE-2004-0276 | Improper Input Validation vulnerability in Monkey-Project Monkey The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field. | 5.0 |
| 2004-11-23 | CVE-2004-0244 | Improper Input Validation vulnerability in Cisco IOS 12.1E/12.2Sy/12.2Za Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet. | 4.7 |
| 2004-11-03 | CVE-2004-0840 | Improper Input Validation vulnerability in Microsoft Exchange Server, Windows Server 2003 and Windows XP The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. | 10.0 |