Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-05-12 | CVE-2000-0415 | Unspecified vulnerability in Microsoft Outlook and Outlook Express Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name. | 5.0 |
2000-05-11 | CVE-2000-0408 | Unspecified vulnerability in Microsoft products IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability. | 5.0 |
2000-05-10 | CVE-2000-0410 | Unspecified vulnerability in Allaire Coldfusion Server 4.5.1 ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory. | 5.0 |
2000-05-10 | CVE-2000-0304 | Unspecified vulnerability in Microsoft products Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability. | 5.0 |
2000-05-06 | CVE-2000-0413 | Path Disclosure vulnerability in Microsoft products The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path. | 5.0 |
2000-05-05 | CVE-2000-0426 | Unspecified vulnerability in Ultrascripts Ultraboard 1.6 UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself. | 5.0 |
2000-05-05 | CVE-2000-0423 | Buffer Overflow vulnerability in Netwin Dnews 5.3 Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag. | 5.0 |
2000-05-04 | CVE-2000-0427 | Unspecified vulnerability in Aladdin Knowledge Systems Etoken 3.3.3 The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. | 4.6 |
2000-05-04 | CVE-2000-0414 | Unspecified vulnerability in HP Hp-Ux and Vvos Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. | 4.6 |
2000-05-03 | CVE-2000-0430 | Unspecified vulnerability in Mcmurtrey Whitaker and Associates Cart32 3.0 Cart32 allows remote attackers to access sensitive debugging information by appending /expdate to the URL request. | 5.0 |