Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-08-18 | CVE-2004-0760 | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI. | 6.4 |
| 2004-08-18 | CVE-2004-0759 | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag. | 6.4 |
| 2004-08-18 | CVE-2004-0758 | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid. | 5.0 |
| 2004-08-18 | CVE-2004-0520 | HTML Injection vulnerability in SquirrelMail Email Header Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php. | 6.8 |
| 2004-08-18 | CVE-2004-0519 | Cross-Site Scripting vulnerability in SquirrelMail Folder Name Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. | 6.8 |
| 2004-08-18 | CVE-2004-0517 | Security vulnerability in Apple Mac OS X Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516. | 4.6 |
| 2004-08-18 | CVE-2004-0516 | Security vulnerability in Apple Mac OS X Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517. | 4.6 |
| 2004-08-18 | CVE-2004-0515 | Security vulnerability in Apple Mac OS X Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files." | 4.6 |
| 2004-08-18 | CVE-2004-0503 | Unspecified vulnerability in Microsoft Outlook 2003 Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format (RTF) message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to unprompted installation of an executable when exploited in conjunction with predictable-file-location exposures such as CVE-2004-0502. | 5.0 |
| 2004-08-18 | CVE-2004-0502 | Unspecified vulnerability in Microsoft Outlook 2003 Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI. | 5.0 |