Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2420 | Remote vulnerability in Hitachi JP1 P-1B41-9461, JP1 P-1B41-9471 and JP1 P-1J41-9471 Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7 allows remote attackers to cause a denial of service (daemon halt) via a port scan involving reset packets. | 5.0 |
| 2004-12-31 | CVE-2004-2415 | Denial Of Service vulnerability in Davenport XML Expansion Davenport before 0.9.10 allows attackers to cause a denial of service (resource consumption) via (1) a very large XML file or (2) entity expansion attacks. | 5.0 |
| 2004-12-31 | CVE-2004-2411 | Cross-Site Scripting vulnerability in Virtual Programming VP-ASP Shopping Cart Shop$DB.Asp 4.0/4.50/5.0 The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 through 5.0 does not sufficiently cleanse inputs, which allows remote attackers to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascript in IMG tags to (1) the cat parameter in shopdisplayproducts.asp or (2) the msg parameter in shoperror.asp, and possibly other vectors. network virtual-programming | 4.3 |
| 2004-12-31 | CVE-2004-2405 | Denial-Of-Service vulnerability in F-Secure Anti-Virus Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive. | 6.4 |
| 2004-12-31 | CVE-2004-2402 | Cross-Site Scripting vulnerability in YaBB YaBB.pl IMSend Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded to parameter. network yabb | 4.3 |
| 2004-12-31 | CVE-2004-2399 | Denial-Of-Service vulnerability in Securecomputing Sidewinder G2 6.1.0.01 Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service (CPU consumption) via delayed responses to DNS queries. | 5.0 |
| 2004-12-31 | CVE-2004-2392 | Multiple Unspecified vulnerability in Mandrakesoft Mandrake Linux and Mandrake Linux Corporate Server libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs. | 5.0 |
| 2004-12-31 | CVE-2004-2391 | Remote Denial Of Service vulnerability in Jabber Software Jabber Gadu-Gadu Transport Jabber Gadu-Gadu Transport (a.k.a. | 5.0 |
| 2004-12-31 | CVE-2004-2390 | Remote Denial Of Service vulnerability in Jabber Software Jabber Gadu-Gadu Transport The roster import functionality in Jabber Gadu-Gadu Transport (a.k.a. | 5.0 |
| 2004-12-31 | CVE-2004-2389 | Remote Denial Of Service vulnerability in Jabber Software Jabber Gadu-Gadu Transport Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. | 5.0 |