Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-02-12 | CVE-2004-2088 | Unspecified vulnerability in Sophos Anti-Virus 3.4.6/3.78 Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification (DSN) where the original email is not included in the bounce message. | 5.0 |
| 2004-02-10 | CVE-2004-2091 | Unspecified vulnerability in Microsoft Baseline Security Analyzer 1.2 Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security. | 5.0 |
| 2004-02-09 | CVE-2004-2093 | Denial-Of-Service vulnerability in rsync Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. | 4.6 |
| 2004-02-09 | CVE-2004-2080 | Remote vulnerability in Red-M Red-Alert 2.7.5V3.1Build24 Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple spaces in a Service Set Identifier (SSID) to a single space, which prevents Red-Alert from correctly identifying the SSID. | 5.0 |
| 2004-02-09 | CVE-2004-2078 | Remote vulnerability in Red-M Red-Alert 2.7.5V3.1Build24 Red-M Red-Alert 2.7.5 with software 3.1 build 24 allows remote attackers to cause a denial of service (reboot and loss of logged events) via a long request to TCP port 80, possibly triggering a buffer overflow. | 5.0 |
| 2004-02-08 | CVE-2004-2077 | Remote Denial of Service vulnerability in Nadeo Game Engine, Trackmania and Virtual Skipper Nadeo Game Engine for Nadeo TrackMania and Nadeo Virtual Skipper 3 allows remote attackers to cause a denial of service (server crash) via malformed data to TCP port 2350, possibly due to long values or incorrect size fields. | 5.0 |
| 2004-02-07 | CVE-2004-2090 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist. | 5.0 |
| 2004-02-07 | CVE-2004-2084 | Cross-Site Scripting vulnerability in JShop E-Commerce Suite xSearch Cross-site scripting (XSS) vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbitrary web script or HTML via the xSearch parameter. network jshop-e-commerce | 4.3 |
| 2004-02-06 | CVE-2004-2089 | Matrix FTP Server allows remote attackers to cause a denial of service (crash) by logging in using four spaces as the username and password and then issuing a LIST command. | 5.0 |
| 2004-02-06 | CVE-2004-2086 | Buffer Overflow vulnerability in Sambar Server 6.0 Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter. | 5.0 |