Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2393 | Unspecified vulnerability in SUN Jsse 1.0.3/1.0.301/1.0.302 Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS. | 7.5 |
| 2004-12-31 | CVE-2004-2387 | Remote vulnerability in Sredird Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code. | 7.5 |
| 2004-12-31 | CVE-2004-2386 | USE of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function. | 7.5 |
| 2004-12-31 | CVE-2004-2376 | Denial-Of-Service vulnerability in Twilight Utilities Twilight Utilities web Server 2.0.0.0 Buffer overflow in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request with a long attfile attribute. | 7.5 |
| 2004-12-31 | CVE-2004-2375 | Remote Buffer Overflow vulnerability in 1ST Class Internet Solutions 1ST Class Mail Server 4.0 Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an APOP USER command with a long second parameter (digest). | 7.5 |
| 2004-12-31 | CVE-2004-2373 | Unspecified vulnerability in AOL Instant Messenger The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. | 7.5 |
| 2004-12-31 | CVE-2004-2372 | Local Security vulnerability in Bochs Buffer overflow in Bochs before 2.1.1, if installed setuid, allows local users to execute arbitrary code via a long HOME environment variable, which is used if the .bochsrc, bochsrc, and bochsrc.txt cannot be found in a known path. | 7.2 |
| 2004-12-31 | CVE-2004-2370 | Remote Security vulnerability in Cerulean Studios Trillian and Trillian PRO Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name. | 7.5 |
| 2004-12-31 | CVE-2004-2350 | SQL Injection vulnerability in PHPBB Search.PHP Search_Results Parameter SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2349 | Remote SQL Injection vulnerability in Tunez Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow remote attackers to execute arbitrary SQL queries. | 7.5 |