Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2000-01-11 CVE-2000-0071 Unspecified vulnerability in Microsoft products
IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.
network
low complexity
microsoft
5.0
5.0
2000-01-11 CVE-2000-0045 Unspecified vulnerability in Oracle Mysql 3.22.27/3.22.29/3.23.8
MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
network
low complexity
oracle
6.4
6.4
2000-01-06 CVE-2000-0084 Unspecified vulnerability in Globalscape Cuteftp
CuteFTP uses weak encryption to store password information in its tree.dat file.
network
low complexity
globalscape
5.0
5.0
2000-01-05 CVE-2000-0058 Unspecified vulnerability in Handspring Visor Network Hotsync 1.0
Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files.
network
low complexity
handspring
5.0
5.0
2000-01-05 CVE-2000-0056 Unspecified vulnerability in Ipswitch Imail 5.0.8/6.0/6.1
IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.
network
low complexity
ipswitch
5.0
5.0
2000-01-04 CVE-2000-0051 Unspecified vulnerability in Allaire Spectra 1.0
The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL.
network
low complexity
allaire
5.0
5.0
2000-01-04 CVE-2000-0050 Unspecified vulnerability in Allaire Spectra 1.0
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs.
local
low complexity
allaire
4.6
4.6
2000-01-04 CVE-1999-0735 Unspecified vulnerability in KDE K-Mail
KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.
local
low complexity
kde
4.6
4.6
1999-12-31 CVE-2000-0015 Unspecified vulnerability in Ascend Cascadeview UX 1.0
CascadeView TFTP server allows local users to gain privileges via a symlink attack.
local
low complexity
ascend
4.6
4.6
1999-12-31 CVE-1999-1488 Unspecified vulnerability in IBM System Data Repository Sp2.0
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.
network
low complexity
ibm
5.0
5.0