Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2555 | Unspecified vulnerability in Smartstuff Foolproof Security 3.9/3.9.4/3.9.7 Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key. | 2.1 |
| 2004-12-31 | CVE-2004-2547 | Input Validation vulnerability in Netwin Surgemail and Webmail NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message. | 2.6 |
| 2004-12-31 | CVE-2004-2544 | Information Disclosure vulnerability in Securecomputing Sidewinder G2 6.1.0.01 Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information. | 2.1 |
| 2004-12-31 | CVE-2004-2530 | Visual truncation vulnerability in Gadu-Gadu allows remote attackers to spoof the file extension on transmitted files via a filename with a large number of spaces followed by the real extension, which is not displayed in the dialog box. | 2.6 |
| 2004-12-31 | CVE-2004-2502 | Symbolic Link vulnerability in IM-Switch Insecure Temporary File Handling im-switch before 11.4-46.1 in Fedora Core 2 allows local users to overwrite arbitrary files via a symlink attack on the imswitcher[PID] temporary file. | 2.1 |
| 2004-12-31 | CVE-2004-2491 | Race Condition vulnerability in Opera Browser A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks. | 2.6 |
| 2004-12-31 | CVE-2004-2477 | Unspecified vulnerability in Diamondcs Process Guard Free 2.000 DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table (SDT) in \device\physicalmemory with the original SDT found in ntoskrnl.exe. | 2.1 |
| 2004-12-31 | CVE-2004-2476 | Unspecified vulnerability in Microsoft Internet Explorer 6.0.2800 Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (infinite loop and crash) via an IFRAME with "?" as the file source. | 2.6 |
| 2004-12-31 | CVE-2004-2473 | Link Following vulnerability in Wmfrog 0.1.6 wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 1.2 |
| 2004-12-31 | CVE-2004-2459 | Local Security vulnerability in gnubiff Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table. | 2.1 |