Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-1197 | Cross-Site Scripting vulnerability in InShop and InMail Cross-site scripting (XSS) vulnerability in inshop.pl in Insite inShop allows remote attackers to inject arbitrary web script or HTML via the screen parameter. network insite | 6.8 |
| 2005-01-10 | CVE-2004-1196 | Cross-Site Scripting vulnerability in InShop and InMail Cross-site scripting (XSS) vulnerability in inmail.pl in Insite Inmail allows remote attackers to inject arbitrary web script or HTML via the acao parameter. network insite | 6.8 |
| 2005-01-10 | CVE-2004-1195 | Remote Denial Of Service vulnerability in Lucasarts Star Wars Battlefront 1.11 Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a join request that contains a memory address that causes the server to read arbitrary memory. | 5.0 |
| 2005-01-10 | CVE-2004-1194 | Remote Denial Of Service vulnerability in Lucasarts Star Wars Battlefront 1.11 Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a long nickname. | 5.0 |
| 2005-01-10 | CVE-2004-1193 | Permissions, Privileges, and Access Controls vulnerability in Prevx Home 1.0 Prevx Home 1.0 allows local users with administrator privileges to bypass the intrusion prevention features by directly writing to \device\physicalmemory, which restores the running kernel's original SDT ServiceTable. | 6.6 |
| 2005-01-10 | CVE-2004-1177 | Unspecified vulnerability in GNU Mailman Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. network gnu | 4.3 |
| 2005-01-10 | CVE-2004-1169 | Denial-Of-Service vulnerability in MaxDB MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference. | 5.0 |
| 2005-01-10 | CVE-2004-1167 | Remote Security vulnerability in mirrorselect mirrorselect before 0.89 creates temporary files in a world-writable location with predictable file names, which allows remote attackers to overwrite arbitrary files via a symlink attack. | 5.0 |
| 2005-01-10 | CVE-2004-1164 | Remote Denial of Service vulnerability in Cisco CNS Network Registrar DNS and DHCP Server The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (process crash) via a certain "unexpected packet sequence." | 5.0 |
| 2005-01-10 | CVE-2004-1163 | Denial-Of-Service vulnerability in CNS Network Registrar Cisco CNS Network Registrar Central Configuration Management (CCM) server 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (CPU consumption) by ending a connection after sending a certain sequence of packets. | 5.0 |