Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0982 | Unspecified vulnerability in YET Another Forum.Net YET Another Forum.Net 0.9.9 Multiple cross-site scripting (XSS) vulnerabilities in Yet Another Forum.net 0.9.9 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, or (3) Subject field. network yet-another-forum-net | 4.3 |
| 2005-05-02 | CVE-2005-0981 | Cross-Site Scripting vulnerability in Alstrasoft Epay 2.0 Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) payment or (2) send parameter. network alstrasoft | 4.3 |
| 2005-05-02 | CVE-2005-0978 | Directory Traversal vulnerability in IVT Bluesoleil 1.4 Directory traversal vulnerability in the Object Push service in IVT BlueSoleil 1.4 allows remote attackers to upload arbitrary files via a .. | 5.0 |
| 2005-05-02 | CVE-2005-0976 | AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs. | 5.0 |
| 2005-05-02 | CVE-2005-0968 | Unspecified vulnerability in Broadcom Etrust Intrusion Detection 3.0 Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API. | 5.0 |
| 2005-05-02 | CVE-2005-0967 | Remote Denial Of Service vulnerability in ROB Flynn Gaim 1.2.0 Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read. | 5.0 |
| 2005-05-02 | CVE-2005-0966 | Unspecified vulnerability in ROB Flynn Gaim 1.2.0 The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions. | 6.4 |
| 2005-05-02 | CVE-2005-0965 | Remote Denial Of Service vulnerability in ROB Flynn Gaim 1.2.0 The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read. | 5.0 |
| 2005-05-02 | CVE-2005-0964 | Local Network Access Restriction Bypass vulnerability in Kerio Personal Firewall Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions. | 4.6 |
| 2005-05-02 | CVE-2005-0961 | Unspecified vulnerability in Horde Application Framework 3.0.4Rc1 Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title. network horde | 4.3 |