Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-01-17 | CVE-2000-0072 | Unspecified vulnerability in Computer Power Solutions Visual Casel 3.0/3.5 Visual Casel (Vcasel) does not properly prevent users from executing files, which allows local users to use a relative pathname to specify an alternate file which has an approved name and possibly gain privileges. | 4.6 |
| 2000-01-17 | CVE-2000-0064 | Unspecified vulnerability in Nortel Contivity 1.0 cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. | 5.0 |
| 2000-01-17 | CVE-2000-0063 | Unspecified vulnerability in Nortel Contivity 1.0 cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. | 5.0 |
| 2000-01-13 | CVE-2000-0075 | Unspecified vulnerability in Nosque Msgcore 1.9 Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA commands in the same session. | 5.0 |
| 2000-01-13 | CVE-2000-0066 | Unspecified vulnerability in Oreilly Website Professional 2.3.18/2.4.9 WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request. | 5.0 |
| 2000-01-12 | CVE-2000-0087 | Unspecified vulnerability in Netscape Communicator and Navigator Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. | 5.0 |
| 2000-01-12 | CVE-1999-1002 | Remote Security vulnerability in Netscape Communicator 4.7 Netscape Navigator uses weak encryption for storing a user's Netscape mail password. | 5.0 |
| 2000-01-11 | CVE-2000-0071 | Unspecified vulnerability in Microsoft products IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. | 5.0 |
| 2000-01-11 | CVE-2000-0045 | Unspecified vulnerability in Oracle Mysql 3.22.27/3.22.29/3.23.8 MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege. | 6.4 |
| 2000-01-06 | CVE-2000-0084 | Unspecified vulnerability in Globalscape Cuteftp CuteFTP uses weak encryption to store password information in its tree.dat file. | 5.0 |