Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1165 | Yager 5.24 and earlier allows remote attackers to cause a denial of service (application crash) via certain malformed data. | 5.0 |
| 2005-05-02 | CVE-2005-1164 | Denial Of Service vulnerability in Yager Development Yager Game 5.0/5.20/5.24 Yager 5.24 and earlier allows remote attackers to cause a denial of service (application hang) via a packet with a game header that provides less data than indicated by the length. | 5.0 |
| 2005-05-02 | CVE-2005-1163 | Buffer Overflow vulnerability in Yager Development Yager Game 5.0/5.20/5.24 Multiple buffer overflows in Yager 5.24 and earlier allow remote attackers to execute arbitrary code via (1) a crafted nickname or (2) a packet with a large amount of data. | 6.4 |
| 2005-05-02 | CVE-2005-1160 | Unspecified vulnerability in Mozilla Firefox and Mozilla The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object. | 5.1 |
| 2005-05-02 | CVE-2005-1158 | Unspecified vulnerability in Mozilla Firefox Multiple "missing security checks" in Firefox before 1.0.3 allow remote attackers to inject arbitrary Javascript into privileged pages using the _search target of the Firefox sidebar. | 5.0 |
| 2005-05-02 | CVE-2005-1150 | Denial-Of-Service vulnerability in SUN Java System web Server 6.0 Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service (hang). | 5.0 |
| 2005-05-02 | CVE-2005-1148 | Information Disclosure vulnerability in Calendarscript 3.20/3.21 calendar.pl in CalendarScript 3.21 allows remote attackers to obtain sensitive information via invalid (1) year or (2) month parameters, which leaks the full pathname and debug information. | 5.0 |
| 2005-05-02 | CVE-2005-1137 | Information Disclosure vulnerability in Alexander Palmo Simple PHP Blog 0.4.0 Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to obtain sensitive information via a direct request to sb_functions.php, which leaks the full pathname in a PHP error message. | 5.0 |
| 2005-05-02 | CVE-2005-1135 | Cross-Site Scripting vulnerability in Alexander Palmo Simple PHP Blog 0.4.0 Cross-site scripting (XSS) vulnerability in search.php for Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. network alexander-palmo | 4.3 |
| 2005-05-02 | CVE-2005-1133 | Remote Information Disclosure vulnerability in IBM iSeries AS400 POP3 Server The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server. | 5.0 |