Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2594 | Remote vulnerability in ID Software Quake II Server Absolute path traversal vulnerability in Quake II server before R1Q2 on Windows, as used in multiple products, allows remote attackers to read arbitrary files via a "\/" in a pathname argument, as demonstrated by "download \/server.cfg". | 5.0 |
| 2004-12-31 | CVE-2004-2592 | Improper Input Validation vulnerability in ID Software Quake II Server 3.20/3.21 Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines. | 5.0 |
| 2004-12-31 | CVE-2004-2589 | Multiple vulnerability in Gaim Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory. | 5.0 |
| 2004-12-31 | CVE-2004-2588 | Unspecified vulnerability in XMB Software XMB Forum 1.9Nexusbeta Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote attackers to obtain sensitive information such as the configuration of the web server and the PHP application. | 5.0 |
| 2004-12-31 | CVE-2004-2587 | Denial-Of-Service vulnerability in Smartertools Smartermail 1.6.1511/1.6.1529 login.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service via a long txtusername parameter, possibly due to a buffer overflow. | 5.0 |
| 2004-12-31 | CVE-2004-2586 | Directory Traversal vulnerability in Smartertools Smartermail 1.6.1511/1.6.1529 Directory traversal vulnerability in frmGetAttachment.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to read arbitrary files via the filename parameter. | 5.0 |
| 2004-12-31 | CVE-2004-2585 | Cross-Site Scripting vulnerability in Smartertools Smartermail 1.6.1511/1.6.1529 Cross-site scripting (XSS) vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the "check spelling" feature in the compose area. network smartertools | 4.3 |
| 2004-12-31 | CVE-2004-2584 | Remote Security vulnerability in Smartertools Smartermail 1.6.1511/1.6.1529 frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte ("%00"). | 4.0 |
| 2004-12-31 | CVE-2004-2582 | Remote vulnerability in Novell Ichain 2.3 Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information. | 5.0 |
| 2004-12-31 | CVE-2004-2581 | Remote vulnerability in Novell Ichain 2.3 Novell iChain 2.3 allows attackers to cause a denial of service via a URL with a "specific string." | 5.0 |