Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-03-29 | CVE-2004-1872 | HTML Injection vulnerability in WebCT Campus Edition Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to inject arbitrary web script or HTML via the @import URL function in a CSS style tag. network webct | 4.3 |
| 2004-03-29 | CVE-2004-1871 | Input Validation vulnerability in All Enthusiast Photopost PHP Pro Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ppuser, (2) password, (3) stype, (4) perpage, (5) sort, (6) page, (7) si, or (8) cat parameters to showmembers.php, or the (9) photo name, (10) photo description, (11) album name, or (12) album description fields. network photopost | 4.3 |
| 2004-03-29 | CVE-2004-0158 | Environment Variable Buffer Overflow Vulnerabilites in LGames LBreakout2 Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c. | 4.6 |
| 2004-03-29 | CVE-2004-0126 | Unspecified vulnerability in Freebsd 5.1/5.2/5.2.1 The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail. | 4.6 |
| 2004-03-29 | CVE-2003-1010 | Local Privilege Escalation vulnerability in Apple MacOS X fs_usage Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Mac OS X Server 10.2.8 and 10.3.2 allows local users to gain privileges via unknown attack vectors. | 4.6 |
| 2004-03-29 | CVE-2003-1008 | Local Security vulnerability in Mac OS X Server Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application. | 4.6 |
| 2004-03-29 | CVE-2003-1007 | Unspecified vulnerability in Apple MacOS X AppleFileServer AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact. | 5.0 |
| 2004-03-29 | CVE-2003-0828 | Buffer Overflow vulnerability in GUS and Psilord Freesweep 0.88/0.90 Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables. | 4.6 |
| 2004-03-29 | CVE-2003-0797 | Denial of Service vulnerability in SGI rpc.mountd Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 allows remote attackers to cause a denial of service (process death) via unknown attack vectors. | 5.0 |
| 2004-03-29 | CVE-2003-0612 | Local Buffer Overflow vulnerability in Robert Hyatt Crafty 19.3 Multiple buffer overflows in main.c for Crafty 19.3 allow local users to gain group "games" privileges via long command line arguments to crafty.bin. | 4.6 |