Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1472 | Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface. | 5.0 |
| 2004-12-31 | CVE-2004-1470 | Unspecified vulnerability in Snipsnap 0.5.2A CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server. | 5.0 |
| 2004-12-31 | CVE-2004-1467 | Input Validation vulnerability in Egroupware 1.0/1.0.1/1.0.3 Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) date or search text field in the calendar module, (2) Field parameter, Filter parameter, QField parameter, Start parameter or Search field in the address module, (3) Subject field in the message module or (4) Subject field in the Ticket module. network egroupware | 4.3 |
| 2004-12-31 | CVE-2004-1464 | Unspecified vulnerability in Cisco IOS Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | 5.9 |
| 2004-12-31 | CVE-2004-1459 | Multiple vulnerability in Cisco Secure Access Control Server Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIUS proxy, allows remote attackers to cause a denial of service (device crash) via certain LEAP authentication requests. | 5.0 |
| 2004-12-31 | CVE-2004-1458 | Multiple vulnerability in Cisco products The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002. | 5.0 |
| 2004-12-31 | CVE-2004-1457 | Remote Denial Of Service vulnerability in Novell Bordermanager 3.8 The Virtual Private Network (VPN) capability in Novell Bordermanager 3.8 allows remote attackers to cause a denial of service (ABEND in IKE.NLM) via a malformed IKE packet, as sent by the Striker ISAKMP Protocol Test Suite. | 5.0 |
| 2004-12-31 | CVE-2004-1455 | Remote Buffer Overflow vulnerability in Xine-Lib Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers to execute arbitrary code via crafted playlists that result in a long vcd:// URL. | 5.1 |
| 2004-12-31 | CVE-2004-1454 | Remote Denial Of Service vulnerability in Cisco IOS OSPF Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet. | 5.0 |
| 2004-12-31 | CVE-2004-1450 | Remote Security vulnerability in Mozilla 1.7 Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary files in known locations. | 5.0 |