Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1902 | Unspecified vulnerability in Citrix Metaframe Password Manager 2.0 The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information. | 2.1 |
| 2004-12-31 | CVE-2004-1895 | Unspecified vulnerability in Suse Linux 8.2/9.0 YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies. | 2.1 |
| 2004-12-31 | CVE-2004-1894 | TEXutil in ConTEXt, when executed with the --silent option, allows local users to overwrite arbitrary files via a symlink attack on texutil.log. | 2.1 |
| 2004-12-31 | CVE-2004-1808 | Unspecified vulnerability in Metamail Corporation Metamail 2.7 Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack. | 2.1 |
| 2004-12-31 | CVE-2004-1795 | Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI. | 2.1 |
| 2004-12-31 | CVE-2004-1753 | The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs. | 2.6 |
| 2004-12-31 | CVE-2004-1748 | Local Denial of Service vulnerability in Sysinternals Regmon NtRegmon before 6.12 allows local users to cause a denial of service (crash), while NtRegmon is running, via invalid pointers to hook functions such as ZwSetQueryValue. | 2.1 |
| 2004-12-31 | CVE-2004-1586 | Local Security vulnerability in Jera Technology Flash Messaging Server 5.2.0G Flash Messaging clients can ignore disconnecting commands such as "shutdown" from the Flash Messaging Server 5.2.0g (rev 1.1.2), which could allow remote attackers to stay connected. | 2.1 |
| 2004-12-31 | CVE-2004-1500 | Remote Format String vulnerability in Monolith Lithtech Game Engine Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message. | 2.1 |
| 2004-12-31 | CVE-2004-1495 | Unspecified vulnerability in Rarlab Winrar The Repair Archive command in WinRAR 3.40 allows remote attackers to cause a denial of service (application crash) via a corrupt ZIP archive. | 2.6 |