Vulnerabilities > Microsoft > Windows 98Se > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-05-16 | CVE-2007-1898 | Unspecified vulnerability in Jetbox CMS 2.1 formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters. | 5.8 |
| 2007-04-24 | CVE-2007-2186 | Denial of Service vulnerability in Foxit PDF Reader 2.0 Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | 5.0 |
| 2007-02-23 | CVE-2006-7039 | Remote Denial Of Service vulnerability in Atrium Software Mercur Messaging 2005 5.0Sp3 The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a message with a long subject field. | 5.0 |
| 2007-02-23 | CVE-2006-7037 | Local Security vulnerability in Mathsoft Mathcad 12/13/13.1 Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext. | 4.4 |
| 2006-06-13 | CVE-2006-1313 | Unspecified vulnerability in Microsoft products Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. network microsoft | 6.8 |
| 2006-04-12 | CVE-2006-0012 | Remote Code Execution vulnerability in Microsoft Windows Shell COM Object Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability." | 5.1 |
| 2005-06-14 | CVE-2005-1214 | Unspecified vulnerability in Microsoft products Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. | 5.1 |
| 2005-05-02 | CVE-2005-1191 | Unspecified vulnerability in Microsoft products The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file. | 5.0 |
| 2005-05-02 | CVE-2005-1184 | Denial Of Service vulnerability in Multiple Vendor TCP Session Acknowledgement Number The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. | 5.0 |
| 2005-04-12 | CVE-2004-0790 | Remote Denial Of Service vulnerability in Multiple Vendor TCP/IP Implementation ICMP Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. | 5.0 |