Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-03-15 | CVE-2004-1816 | Denial Of Service vulnerability in Multiple Vendor SOAP Server Undisclosed Request Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). | 5.0 |
| 2004-03-15 | CVE-2004-1815 | Denial Of Service vulnerability in Multiple Vendor SOAP Server Undisclosed Request Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). | 5.0 |
| 2004-03-15 | CVE-2004-0192 | Cross-Site Scripting vulnerability in Symantec Gateway Security 5400 2.0 Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page. network symantec | 6.8 |
| 2004-03-15 | CVE-2004-0191 | Cross-Site Scripting vulnerability in Mozilla Browser Zombie Document Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events. network mozilla | 6.8 |
| 2004-03-15 | CVE-2004-0171 | Remote Denial Of Service vulnerability in BSD Out Of Sequence Packets FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections. | 5.0 |
| 2004-03-15 | CVE-2004-0169 | Remote Denial of Service vulnerability in Apple Darwin Streaming Server 4.1.3 QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function. | 5.0 |
| 2004-03-15 | CVE-2004-0166 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in the status bar." | 5.0 |
| 2004-03-15 | CVE-2004-0165 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. | 5.0 |
| 2004-03-12 | CVE-2004-1358 | Unspecified vulnerability in SUN Solaris 9.0 The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged. | 5.0 |
| 2004-03-11 | CVE-2003-1199 | Cross-Site Scripting vulnerability in Myproxy 20030629 Cross-site scripting (XSS) vulnerability in MyProxy 20030629 allows remote attackers to inject arbitrary web script or HTML via the URL. network myproxy | 6.8 |