Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0989 | The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method. | 5.0 |
| 2005-05-02 | CVE-2005-0987 | Remote Security vulnerability in Nickserv Listlinks Unknown vulnerability in IRC Services NickServ LISTLINKS before 5.0.50 allows remote attackers to obtain the links of a nick. | 5.0 |
| 2005-05-02 | CVE-2005-0984 | Buffer Overflow vulnerability in Lucasarts Star Wars Jedi Knight Jedi Academy 1.0.11 Buffer overflow in the G_Printf function in Star Wars Jedi Knight: Jedi Academy 1.011 and earlier allows remote attackers to execute arbitrary code via a long message using commands such as (1) say and (2) tell. | 5.0 |
| 2005-05-02 | CVE-2005-0983 | Denial of Service vulnerability in Quake 3 Engine Message Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data. | 5.0 |
| 2005-05-02 | CVE-2005-0982 | Unspecified vulnerability in YET Another Forum.Net YET Another Forum.Net 0.9.9 Multiple cross-site scripting (XSS) vulnerabilities in Yet Another Forum.net 0.9.9 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, or (3) Subject field. network yet-another-forum-net | 4.3 |
| 2005-05-02 | CVE-2005-0981 | Cross-Site Scripting vulnerability in Alstrasoft Epay 2.0 Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) payment or (2) send parameter. network alstrasoft | 4.3 |
| 2005-05-02 | CVE-2005-0978 | Directory Traversal vulnerability in IVT Bluesoleil 1.4 Directory traversal vulnerability in the Object Push service in IVT BlueSoleil 1.4 allows remote attackers to upload arbitrary files via a .. | 5.0 |
| 2005-05-02 | CVE-2005-0976 | AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs. | 5.0 |
| 2005-05-02 | CVE-2005-0968 | Unspecified vulnerability in Broadcom Etrust Intrusion Detection 3.0 Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API. | 5.0 |
| 2005-05-02 | CVE-2005-0967 | Remote Denial Of Service vulnerability in ROB Flynn Gaim 1.2.0 Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read. | 5.0 |