Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1805 | Remote Format String vulnerability in Epic Games Unreal Engine 226F/433/436 Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names. | 5.0 |
| 2004-12-31 | CVE-2004-1804 | Remote Denial Of Service vulnerability in Invicta Wmcam Server 2.1.348 wMCam server 2.1.348 allows remote attackers to cause a denial of service (no new connections) via multiple malformed HTTP requests without the GET command. | 5.0 |
| 2004-12-31 | CVE-2004-1802 | Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page. | 5.0 |
| 2004-12-31 | CVE-2004-1801 | Remote Directory Traversal vulnerability in Pwebserver web Server 0.3.0/0.3.2/0.3.3 Directory traversal vulnerability in PWebServer 0.3.3 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2004-12-31 | CVE-2004-1798 | Unspecified vulnerability in Realnetworks products RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726. | 5.1 |
| 2004-12-31 | CVE-2004-1797 | Cross-Site Scripting vulnerability in FreznoShop Search Script Cross-site scripting (XSS) vulnerability in search.php for FreznoShop 1.3.0 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. network freznoshop | 4.3 |
| 2004-12-31 | CVE-2004-1794 | HTML Injection vulnerability in VCard4J Toolkit Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard. network vcard4j | 4.3 |
| 2004-12-31 | CVE-2004-1792 | Remote Denial Of Service vulnerability in YaSoft Switch Off Large Packet swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a long packet with two CRLF sequences to the service management port (TCP 8000). | 5.0 |
| 2004-12-31 | CVE-2004-1790 | Cross-Site Scripting vulnerability in Edimax Full Rate Adsl Router Ar6004 Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL. network edimax | 4.3 |
| 2004-12-31 | CVE-2004-1789 | Cross-Site Scripting vulnerability in ZyXEL ZyWALL 10 Management Interface Cross-site scripting (XSS) vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth_1 page. network zyxel | 4.3 |