Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-24 | CVE-2005-0072 | Unspecified vulnerability in Ejoy and HU Yong Zhcon 0.2 zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files. | 2.1 |
| 2005-01-14 | CVE-2005-0110 | Security Bypass vulnerability in Microsoft IE 6.0 Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement function. | 2.6 |
| 2005-01-11 | CVE-2005-0288 | Unspecified vulnerability in Bottomline Webseries Payment Application 4.0 The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords. | 3.6 |
| 2005-01-10 | CVE-2004-1295 | Denial-Of-Service vulnerability in Uml-Utilities 20030903 The slip_down function in slip.c for the uml_net program in uml-utilities 20030903, when uml_net is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service (network service disabled). | 2.1 |
| 2005-01-10 | CVE-2004-1276 | Local Security vulnerability in Iglooftp 0.6.1 IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP. | 2.1 |
| 2005-01-10 | CVE-2004-1270 | lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. | 2.1 |
| 2005-01-10 | CVE-2004-1268 | lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors. | 2.1 |
| 2005-01-10 | CVE-2004-1204 | Denial-Of-Service vulnerability in Fluxbot FluxBox 0.9.10 and earlier versions allows local users to cause a denial of service (application crash) by calling Xman with a long -title value, possibly triggering a buffer overflow. | 2.1 |
| 2005-01-10 | CVE-2004-1191 | Local Security vulnerability in Linux 8.1/9.2 Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages." | 1.2 |
| 2005-01-10 | CVE-2004-1190 | Unspecified vulnerability in Suse Linux 8.1/8.2/9.0 SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices. | 2.1 |