Vulnerabilities > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2005-05-02 | CVE-2005-1186 | Cross-Site Scripting vulnerability in Jukebox | Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com domain to the Trusted Sites zone in Internet Explorer, which allows systems in the domain to conduct unauthorized activities, as demonstrated using cross-site scripting (XSS) attacks. | network, musicmatch | 6.8 |
| 2005-05-02 | CVE-2005-1185 | Local Security vulnerability in Jukebox | Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00.2047 and earlier allows local users to gain privileges via a malicious C:\program.exe file, which is run by MMFWLaunch.exe when it attempts to execute launch.exe. | local, low complexity, musicmatch | 4.6 |
| 2005-05-02 | CVE-2005-1184 | Denial Of Service vulnerability in Multiple Vendor TCP Session Acknowledgement Number | The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. | network, low complexity, microsoft | 5.0 |
| 2005-05-02 | CVE-2005-1183 | Cross-Site Scripting vulnerability in Mvnforum 1.0Rc4 | Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the Search parameter. | network, mvnforum | 4.3 |
| 2005-05-02 | CVE-2005-1182 | Denial-Of-Service vulnerability in IBM OS 400 R510/R520/R530 | Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service) in IBM OS/400 R510, R520, and R530 allows attackers to cause a denial of service (IRC shutdown) via certain inputs. | network, low complexity, ibm | 5.0 |
| 2005-05-02 | CVE-2005-1180 | Remote Security vulnerability in Francisco Burzi PHP-Nuke 7.6 | HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the forwarder parameter. | network, low complexity, francisco-burzi | 5.0 |
| 2005-05-02 | CVE-2005-1179 | SNMP Authentication Bypass vulnerability in Xerox MicroServer | Unknown vulnerability in Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, related to SNMP authentication, allows remote attackers to modify system configuration, a different vulnerability than CVE-2005-0703. | network, low complexity, xerox | 5.0 |
| 2005-05-02 | CVE-2005-1172 | HTML Injection vulnerability in Coppermine Photo Gallery X-Forwarded-For Logging | Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For parameter. | network, coppermine | 4.3 |
| 2005-05-02 | CVE-2005-1171 | Remote Mod.PHP Cross-Site Scripting vulnerability in Datenbank Module For PHPBB | Cross-site scripting (XSS) vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. | | 4.3 |
| 2005-05-02 | CVE-2005-1168 | Unspecified vulnerability in Musicmatch Jukebox 9.0.5059 | DiagCollectionControl.dll in Musicmatch 10.00.2047 and earlier allows remote attackers to overwrite arbitrary files via the bstrSavePath argument. | network, low complexity, musicmatch | 5.0 |