Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0851 | Infinite Loop vulnerability in Filezilla-Project Filezilla Server FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to cause a denial of service (infinite loop) via certain file uploads or directory listings. | 5.0 |
| 2005-05-02 | CVE-2005-0850 | Improper Input Validation vulnerability in Filezilla-Project Filezilla Server FileZilla FTP server before 0.9.6 allows remote attackers to cause a denial of service via a request for a filename containing an MS-DOS device name such as CON, NUL, COM1, LPT1, and others. | 5.0 |
| 2005-05-02 | CVE-2005-0849 | Unspecified vulnerability in Funlabs products Multiple games developed by FUN labs, including 4X4 Off-road Adventure III, Big Game Hunter, Dangerous Hunts, Deer Hunt, Revolution, Secret Service, Shadow Force, and US Most Wanted, allow remote attackers to cause a denial of service (crash from invalid memory access) via a malformed join packet with values that cause the server to copy more memory than was actually provided in the packet. | 5.0 |
| 2005-05-02 | CVE-2005-0848 | Unspecified vulnerability in Funlabs products Multiple games developed by FUN labs, including 4X4 Off-road Adventure III, Big Game Hunter, Dangerous Hunts, Deer Hunt, Revolution, Secret Service, Shadow Force, and US Most Wanted, allow remote attackers to cause a denial of service via an empty UDP packet to the server, which cannot detect that a new packet has arrived using the socket ioctl. | 5.0 |
| 2005-05-02 | CVE-2005-0847 | Remote Denial of Service vulnerability in Code Ocean FTP Server 1.0 Code Ocean FTP server 1.0 allows remote attackers to cause a denial of service via a large number of connections. | 5.0 |
| 2005-05-02 | CVE-2005-0846 | Cross-Site Scripting vulnerability in Netwin Surgemail 2.2G3 Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field. network netwin | 4.3 |
| 2005-05-02 | CVE-2005-0845 | Directory traversal vulnerability in the Webmail interface in SurgeMail 2.2g3 allows remote authenticated users to write arbitrary files or directories via a .. | 5.0 |
| 2005-05-02 | CVE-2005-0844 | Cryptographic Issues vulnerability in Nortel Contivity 5.01 Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information. | 4.6 |
| 2005-05-02 | CVE-2005-0843 | Unspecified vulnerability in Phorum 5.0.14A CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location header. | 5.0 |
| 2005-05-02 | CVE-2005-0842 | Unspecified vulnerability in Kayako Esupport 2.3 Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) _i or (2) _c parameter. network kayako | 4.3 |