Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-05-06 | CVE-2000-0413 | Path Disclosure vulnerability in Microsoft products The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path. | 5.0 |
| 2000-05-05 | CVE-2000-0426 | Unspecified vulnerability in Ultrascripts Ultraboard 1.6 UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself. | 5.0 |
| 2000-05-05 | CVE-2000-0423 | Buffer Overflow vulnerability in Netwin Dnews 5.3 Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag. | 5.0 |
| 2000-05-04 | CVE-2000-0427 | Unspecified vulnerability in Aladdin Knowledge Systems Etoken 3.3.3 The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. | 4.6 |
| 2000-05-04 | CVE-2000-0414 | Unspecified vulnerability in HP Hp-Ux and Vvos Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. | 4.6 |
| 2000-05-03 | CVE-2000-0430 | Unspecified vulnerability in Mcmurtrey Whitaker and Associates Cart32 3.0 Cart32 allows remote attackers to access sensitive debugging information by appending /expdate to the URL request. | 5.0 |
| 2000-05-03 | CVE-2000-0303 | Unspecified vulnerability in ID Software Quake 3 Arena 1.16N Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (..) attack. | 6.4 |
| 2000-05-02 | CVE-2000-0433 | Unspecified vulnerability in Suse Linux The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. | 4.6 |
| 2000-05-02 | CVE-2000-0385 | Security Bypass vulnerability in Filemaker 5.0 FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities. | 5.0 |
| 2000-05-02 | CVE-2000-0347 | Unspecified vulnerability in Microsoft Windows 95 and Windows 98 Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name. | 5.0 |