Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-1201 | Resource Exhaustion vulnerability in Opera Browser Opera 7.54 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | 5.0 |
| 2005-01-10 | CVE-2004-1199 | Denial Of Service vulnerability in Apple Safari Web Browser Infinite Array Sort Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | 5.0 |
| 2005-01-10 | CVE-2004-1197 | Cross-Site Scripting vulnerability in InShop and InMail Cross-site scripting (XSS) vulnerability in inshop.pl in Insite inShop allows remote attackers to inject arbitrary web script or HTML via the screen parameter. network insite | 6.8 |
| 2005-01-10 | CVE-2004-1196 | Cross-Site Scripting vulnerability in InShop and InMail Cross-site scripting (XSS) vulnerability in inmail.pl in Insite Inmail allows remote attackers to inject arbitrary web script or HTML via the acao parameter. network insite | 6.8 |
| 2005-01-10 | CVE-2004-1195 | Remote Denial Of Service vulnerability in Lucasarts Star Wars Battlefront 1.11 Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a join request that contains a memory address that causes the server to read arbitrary memory. | 5.0 |
| 2005-01-10 | CVE-2004-1194 | Remote Denial Of Service vulnerability in Lucasarts Star Wars Battlefront 1.11 Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a long nickname. | 5.0 |
| 2005-01-10 | CVE-2004-1193 | Permissions, Privileges, and Access Controls vulnerability in Prevx Home 1.0 Prevx Home 1.0 allows local users with administrator privileges to bypass the intrusion prevention features by directly writing to \device\physicalmemory, which restores the running kernel's original SDT ServiceTable. | 6.6 |
| 2005-01-10 | CVE-2004-1177 | Unspecified vulnerability in GNU Mailman Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. network gnu | 4.3 |
| 2005-01-10 | CVE-2004-1169 | Denial-Of-Service vulnerability in MaxDB MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference. | 5.0 |
| 2005-01-10 | CVE-2004-1167 | Remote Security vulnerability in mirrorselect mirrorselect before 0.89 creates temporary files in a world-writable location with predictable file names, which allows remote attackers to overwrite arbitrary files via a symlink attack. | 5.0 |