Vulnerabilities > Medium

| Date | CVE | Vulnerability title | Description | Access vector | Complexity | Vendor(s) / CWE | Risk |
|---|---|---|---|---|---|---|---|
| 2004-10-12 | CVE-2004-1598 | Remote Access Validation vulnerability in Adobe Acrobat Reader | Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory. | network | low complexity | adobe | 5.0 |
| 2004-10-05 | CVE-2004-0928 | Remote vulnerability in Macromedia JRun | The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm". | network | low complexity | hitachi macromedia | 5.0 |
| 2004-09-30 | CVE-2004-1604 | Remote Security vulnerability in Cpanel 9.9.1R3 | cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbitrary files via a symlink attack on the _private directory, which is created when Front Page extensions are enabled. | network | low complexity | cpanel | 5.0 |
| 2004-09-28 | CVE-2004-0693 | Unspecified vulnerability in Trolltech QT | The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692. | network | low complexity | trolltech | 5.0 |
| 2004-09-28 | CVE-2004-0692 | Unspecified vulnerability in Trolltech QT | The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693. | network | low complexity | trolltech | 5.0 |
| 2004-09-28 | CVE-2004-0690 | Unspecified vulnerability in KDE 3.2.1 | The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory. | local | low complexity | kde | 4.6 |
| 2004-09-28 | CVE-2004-0644 | Denial Of Service vulnerability in MIT Kerberos 5 ASN.1 Decoder | The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding. | network | low complexity | mit | 5.0 |
| 2004-09-28 | CVE-2004-0643 | Double Free vulnerability in multiple products | Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. | local | low complexity | mit debian redhat CWE-415 | 4.6 |
| 2004-09-28 | CVE-2004-0558 | Remote Denial Of Service vulnerability in CUPS UDP Packet | The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port. | network | low complexity | easy-software-products | 5.0 |
| 2004-09-28 | CVE-2004-0457 | Unspecified vulnerability in Oracle Mysql | The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | local | low complexity | oracle | 4.6 |