Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2458 | Unspecified vulnerability in Open Webmail Open Webmail Open WebMail 2.30 and earlier, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote attackers to create arbitrary directories. | 5.0 |
| 2004-12-31 | CVE-2004-2457 | Remote Denial Of Service vulnerability in 3Com OfficeConnect ADSL Wireless 11g Firewall Router Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic. | 5.0 |
| 2004-12-31 | CVE-2004-2452 | Information Disclosure vulnerability in Cosminexus Portal Framework Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01-01, 01-02, 02-01, 02-02, 02-03, and other versions allows remote attackers to obtain sensitive information in the <ut:cache> tag library. | 5.0 |
| 2004-12-31 | CVE-2004-2451 | Denial Of Service vulnerability in Roger Wilco Server Unauthorized Audio Stream Roger Wilco 1.4.1.6 and earlier, or Roger Wilco Base Station 0.30a or earlier, allows remote attackers to send audio to arbitrary channels, aka the "Voices from the deep" bug. | 5.0 |
| 2004-12-31 | CVE-2004-2450 | Information Disclosure vulnerability in Roger Wilco The client and server for Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier report sensitive information such as IDs and source IP addresses, which allows remote attackers to obtain sensitive information. | 5.0 |
| 2004-12-31 | CVE-2004-2449 | Denial Of Service vulnerability in Gamespy products Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier allows remote attackers to cause a denial of service (application crash) via a long, malformed UDP datagram. | 5.0 |
| 2004-12-31 | CVE-2004-2448 | Information Disclosure vulnerability in S-Mart Shopping Cart S-Mart Shopping Cart or RediCart 3.9.5b stores smart.cfg under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the database name. | 5.0 |
| 2004-12-31 | CVE-2004-2447 | Input Validation vulnerability in 1ST Class Internet Solutions 1ST Class Mail Server 4.01 Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to (1) viewmail.tagz, (2) the index script under /user/, (3) members.tagz, (4) general.tagz, (5) advanced.tagz, or (6) list.tagz. network 1st-class-internet-solutions | 4.3 |
| 2004-12-31 | CVE-2004-2446 | Input Validation vulnerability in 1ST Class Internet Solutions 1ST Class Mail Server 4.01 Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors. | 5.0 |
| 2004-12-31 | CVE-2004-2445 | Input Validation vulnerability in Jaws 0.3Beta Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. | 5.0 |