Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-07-27 | CVE-2004-0726 | Unspecified vulnerability in Microsoft Windows 2000 The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel. | 7.5 |
| 2004-07-27 | CVE-2004-0721 | Unspecified vulnerability in KDE Konqueror 3.1.3/3.2.2 Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | 7.5 |
| 2004-07-27 | CVE-2004-0720 | Unspecified vulnerability in Apple Safari 1.2.2 Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | 7.5 |
| 2004-07-27 | CVE-2004-0719 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | 7.5 |
| 2004-07-27 | CVE-2004-0718 | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | 7.5 |
| 2004-07-27 | CVE-2004-0717 | Unspecified vulnerability in Opera Browser 7.50/7.51 Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | 7.5 |
| 2004-07-27 | CVE-2004-0711 | Unspecified vulnerability in BEA Weblogic Server 7.0/8.1 The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "*" as wildcards as if they were the legal "/*" pattern, which could cause WebLogic 7.x to allow remote attackers to bypass intended access restrictions because the illegal patterns are properly rejected. | 7.5 |
| 2004-07-27 | CVE-2004-0709 | Remote Access vulnerability in HP OpenView Select Access Unicode HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions. | 7.5 |
| 2004-07-27 | CVE-2004-0708 | Privilege Escalation vulnerability in Moinmoin 1.1/1.2/1.2.1 MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges. | 7.5 |
| 2004-07-27 | CVE-2004-0707 | Unspecified vulnerability in Mozilla Bugzilla SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL. | 7.5 |