Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-12-11 | CVE-2000-1061 | Unspecified vulnerability in Microsoft IE 4.X/5.X Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability. | 5.1 |
| 2000-12-11 | CVE-2000-1060 | Unspecified vulnerability in Xfree86 Project Xfce 3.5.1 The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges. | 4.6 |
| 2000-12-11 | CVE-2000-1058 | Unspecified vulnerability in HP Openview Network Node Manager 4.11/5.01/6.1 Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, in the SNMP service (snmp.exe), aka the "Java SNMP MIB Browser Object ID parsing problem." | 5.0 |
| 2000-12-11 | CVE-2000-1057 | Unspecified vulnerability in HP Openview Network Node Manager 4.11/5.01/6.1 Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions. | 4.6 |
| 2000-12-11 | CVE-2000-1052 | Unspecified vulnerability in Macromedia Jrun 2.3.X Allaire JRun 2.3 server allows remote attackers to obtain source code for executable content by directly calling the SSIFilter servlet. | 5.0 |
| 2000-12-11 | CVE-2000-1051 | Unspecified vulnerability in Macromedia Jrun 2.3.X Directory traversal vulnerability in Allaire JRun 2.3 server allows remote attackers to read arbitrary files via the SSIFilter servlet. | 5.0 |
| 2000-12-11 | CVE-2000-1050 | Unspecified vulnerability in Macromedia Jrun 3.0 Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash"). | 5.0 |
| 2000-12-11 | CVE-2000-1049 | Unspecified vulnerability in Macromedia Jrun 3.0 Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters. | 5.0 |
| 2000-12-11 | CVE-2000-1048 | Unspecified vulnerability in Qbik Wingate Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2000-12-11 | CVE-2000-1038 | Unspecified vulnerability in IBM As400 Firewall R440 The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request. | 5.0 |