Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-11-23 | CVE-2004-0296 | Denial of Service vulnerability in Transsoft Broker FTP Server 6.1.0.0 TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a TsFtpSrv.exe to exit with an exception by opening and immediately closing a connection. | 5.0 |
2004-11-23 | CVE-2004-0295 | Denial of Service vulnerability in Transsoft Broker FTP Server 6.1.0.0 TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a denial of service (CPU consumption) via an open idle connection. | 5.0 |
2004-11-23 | CVE-2004-0293 | Remote File Disclosure vulnerability in Shopcartcgi 2.3 Directory traversal vulnerability in ShopCartCGI 2.3 allows remote attackers to retrieve arbitrary files via a .. | 5.0 |
2004-11-23 | CVE-2004-0291 | SQL Injection vulnerability in YABB SE Quote Parameter SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote attackers to obtain hashed passwords via the quote parameter. | 5.0 |
2004-11-23 | CVE-2004-0287 | Remote Send File Request Denial Of Service vulnerability in Xlight FTP Server Xlight FTP Server 1.52 Xlight FTP server 1.52 allows remote authenticated users to cause a denial of service (crash) via a RETR command with a long argument containing a large number of / (slash) characters, possibly triggering a buffer overflow. | 5.0 |
2004-11-23 | CVE-2004-0284 | Unspecified vulnerability in Microsoft IE, Internet Explorer and Outlook Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name. | 5.0 |
2004-11-23 | CVE-2004-0282 | Remote Denial Of Service vulnerability in Crob FTP Server 3.5.2 Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server. | 5.0 |
2004-11-23 | CVE-2004-0281 | Unspecified vulnerability in Caucho Resin 2.1.12 Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows. | 5.0 |
2004-11-23 | CVE-2004-0280 | Unspecified vulnerability in Caucho Technology Resin 2.1.12 Caucho Technology Resin 2.1.12 allows remote attackers to view JSP source via an HTTP request to a .jsp file that ends in a "%20" (encoded space character), e.g. | 5.0 |
2004-11-23 | CVE-2004-0278 | Denial of Service vulnerability in Ratbag Game Engine Ratbag game engine, as used in products such as Dirt Track Racing, Leadfoot, and World of Outlaws Spring Cars, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet that specifies the length of data to read and then sends a second TCP packet that contains less data than specified, which causes Ratbag to repeatedly check the socket for more data. | 5.0 |