Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-05-02 | CVE-2004-1983 | Denial Of Service vulnerability in PaX 2.6 Kernel Patch The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors. | 2.1 |
2004-04-26 | CVE-2004-1355 | Denial of Service vulnerability in Sun Solaris TCP/IP Networking Stack Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | 2.1 |
2004-04-23 | CVE-2004-1356 | Local Denial Of Service vulnerability in Sun Solaris SendFileV Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | 2.1 |
2004-04-21 | CVE-2004-1957 | Cross-Site Scripting And Path Disclosure vulnerability in PostNuke Phoenix Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the (1) lid and query parameters to the Downloads module, (2) query parameter to the Web_links module, or (3) hlpfile parameter to openwindow.php. | 2.6 |
2004-04-15 | CVE-2004-0372 | Unspecified vulnerability in Xine xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts. | 2.1 |
2004-04-12 | CVE-2004-1933 | Citadel/UX 5.00 through 6.14 installs the database directory and files with world-read permissions, which could allow local users to bypass access controls and read unauthorized messages. | 2.1 |
2004-04-11 | CVE-2004-1922 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a large memory size. | 2.6 |
2004-03-30 | CVE-2004-1877 | Authentication Credential Disclosure vulnerability in Oracle Application Server and Http Server The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password. | 2.6 |
2004-03-26 | CVE-2004-1865 | Cross-Site Scripting vulnerability in Bblog 0.7.2 Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). | 3.5 |
2004-03-24 | CVE-2004-1857 | Directory Traversal vulnerability in HP web Jetadmin 7.5.2546 Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. | 2.1 |