Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2452 | Information Disclosure vulnerability in Cosminexus Portal Framework Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01-01, 01-02, 02-01, 02-02, 02-03, and other versions allows remote attackers to obtain sensitive information in the <ut:cache> tag library. | 5.0 |
2004-12-31 | CVE-2004-2451 | Denial Of Service vulnerability in Roger Wilco Server Unauthorized Audio Stream Roger Wilco 1.4.1.6 and earlier, or Roger Wilco Base Station 0.30a or earlier, allows remote attackers to send audio to arbitrary channels, aka the "Voices from the deep" bug. | 5.0 |
2004-12-31 | CVE-2004-2450 | Information Disclosure vulnerability in Roger Wilco The client and server for Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier report sensitive information such as IDs and source IP addresses, which allows remote attackers to obtain sensitive information. | 5.0 |
2004-12-31 | CVE-2004-2449 | Denial Of Service vulnerability in Gamespy products Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier allows remote attackers to cause a denial of service (application crash) via a long, malformed UDP datagram. | 5.0 |
2004-12-31 | CVE-2004-2448 | Information Disclosure vulnerability in S-Mart Shopping Cart S-Mart Shopping Cart or RediCart 3.9.5b stores smart.cfg under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the database name. | 5.0 |
2004-12-31 | CVE-2004-2447 | Input Validation vulnerability in 1ST Class Internet Solutions 1ST Class Mail Server 4.01 Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to (1) viewmail.tagz, (2) the index script under /user/, (3) members.tagz, (4) general.tagz, (5) advanced.tagz, or (6) list.tagz. network 1st-class-internet-solutions | 4.3 |
2004-12-31 | CVE-2004-2446 | Input Validation vulnerability in 1ST Class Internet Solutions 1ST Class Mail Server 4.01 Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors. | 5.0 |
2004-12-31 | CVE-2004-2445 | Input Validation vulnerability in Jaws 0.3Beta Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. | 5.0 |
2004-12-31 | CVE-2004-2444 | Input Validation vulnerability in Jaws 0.3 Cross-site scripting (XSS) vulnerability in index.php in Jaws 0.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter. network jaws | 4.3 |
2004-12-31 | CVE-2004-2442 | Unspecified vulnerability in F-Secure products Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system. | 5.0 |