Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1493 | Remote Denial of Service vulnerability in Quicksilver Master of Orion III Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (server crash) via multiple connections with long nicknames, possibly triggering a buffer overflow. | 5.0 |
| 2004-12-31 | CVE-2004-1492 | Remote Denial of Service vulnerability in Quicksilver Master of Orion III Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (game exit) via a data packet that contains a large size specifier, which causes a large memory allocation to fail. | 5.0 |
| 2004-12-31 | CVE-2004-1491 | Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | 5.0 |
| 2004-12-31 | CVE-2004-1484 | Remote Format String vulnerability in Socat Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message. | 5.0 |
| 2004-12-31 | CVE-2004-1481 | Unspecified vulnerability in Realnetworks Helix Player, Realone Player and Realplayer Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow. | 5.1 |
| 2004-12-31 | CVE-2004-1477 | Remote vulnerability in Macromedia Jrun 3.0/3.1/4.0 Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attackers to execute arbitrary web script or HTML and possibly hijack a user's session. network macromedia | 4.3 |
| 2004-12-31 | CVE-2004-1476 | Stack Overflow vulnerability in Xine-lib VideoCD And Text Subtitle Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label. | 5.1 |
| 2004-12-31 | CVE-2004-1475 | Stack Overflow vulnerability in Xine-lib VideoCD And Text Subtitle Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines. | 5.1 |
| 2004-12-31 | CVE-2004-1474 | Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file. | 5.0 |
| 2004-12-31 | CVE-2004-1473 | Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53. | 5.0 |