Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-06-01 | CVE-2004-0109 | Buffer Overflow vulnerability in Linux Kernel 2.4.0/2.5.0/2.6.0 Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. | 4.6 |
| 2004-06-01 | CVE-2003-0807 | Remote Denial Of Service vulnerability in Microsoft Windows COM Internet Service/RPC Over HTTP Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request. | 5.0 |
| 2004-06-01 | CVE-2003-0663 | Denial Of Service vulnerability in Microsoft Windows 2000 Domain Controller LDAP Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message. | 5.0 |
| 2004-06-01 | CVE-2002-0385 | Information Disclosure vulnerability in Vignette Storyserver and Vignette Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and and '>' characters, which causes the TCL interpreter to crash and include stack data in the output. | 5.0 |
| 2004-05-29 | CVE-2004-2040 | Multiple vulnerability in E107 0.615/0.615A Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg parameter to usersettings.php. network e107 | 4.3 |
| 2004-05-29 | CVE-2004-2039 | Multiple vulnerability in E107 0.615/0.615A e107 0.615 allows remote attackers to obtain sensitive information via a direct request to (1) alt_news.php, (2) backend_menu.php, (3) clock_menu.php, (4) counter_menu.php, (5) login_menu.php, and other files, which reveal the full path in a PHP error message. | 5.0 |
| 2004-05-29 | CVE-2004-2038 | HTML Injection vulnerability in Land Down Under BBCode Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php. network neocrome | 4.3 |
| 2004-05-26 | CVE-2004-2035 | Remote Denial Of Service vulnerability in Minishare Minimal Http Server 1.3.2 MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences. | 5.0 |
| 2004-05-26 | CVE-2004-2033 | Denial Of Service vulnerability in Orenosv Http FTP Server 0.5.9C/0.5.9E/0.5.9F Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | 5.0 |
| 2004-05-22 | CVE-2004-2030 | Cross-Site Scripting vulnerability in Liferay Enterprise Portal 2.1.0 Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for Liferay before 2.2.0 release 10/1/2004 allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the message subject. | 4.3 |