Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-09-23 | CVE-2005-2706 | Unspecified vulnerability in Mozilla Firefox and Mozilla Suite Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla. | 6.4 |
| 2005-09-23 | CVE-2005-2704 | Unspecified vulnerability in Mozilla Firefox and Mozilla Suite Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface. | 5.0 |
| 2005-09-23 | CVE-2005-2703 | Code Injection vulnerability in Mozilla Firefox and Mozilla Suite Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting. | 5.0 |
| 2005-09-22 | CVE-2005-3041 | Unspecified vulnerability in Opera Browser Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads." | 5.0 |
| 2005-09-22 | CVE-2005-3040 | Directory Traversal vulnerability in Vista 3.0/4.0 Directory traversal vulnerability in the web interface (ISALogin.dll) for TAC Vista 4.0, and possibly other versions before 4.3, allows remote attackers to read arbitrary files via ".." sequences in the Template parameter. | 5.0 |
| 2005-09-22 | CVE-2005-3038 | Information Disclosure vulnerability in Hosting Controller Hosting Controller 6.1Hotfix2.3 Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 allows remote attackers to list and read contents of arbitrary drives, related to "the PHP vulnerability." | 5.0 |
| 2005-09-22 | CVE-2005-3037 | Cross-Site Scripting vulnerability in Handy Address Book Handy Address Book Server 1.1 Cross-site scripting (XSS) vulnerability in Handy Address Book Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the SEARCHTEXT parameter in a demos URL. network handy-address-book | 4.3 |
| 2005-09-22 | CVE-2005-3036 | Local Security vulnerability in Ttxn File Transfer Anywhere 3.01 File Transfer Anywhere 3.01 stores sensitive password information in plaintext in the PASS value in the "File Transfer Anywhere" registry key, which allows local users to gain privileges. | 4.6 |
| 2005-09-22 | CVE-2005-3035 | Remote Reboot vulnerability in Compuware Driverstudio 2.7/3.0Beta2 Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to cause a denial of service (reboot) via a UDP packet sent directly to port 9110. | 5.0 |
| 2005-09-21 | CVE-2005-3030 | Directory Traversal vulnerability in Ahnlab V3 Virusblock 2005, V3Net and V3Pro 2004 Directory traversal vulnerability in the archive decompression library in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to write arbitrary files via a .. | 5.0 |