Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
1999-11-17 CVE-1999-1092 Unspecified vulnerability in Iain LEA TIN 1.40
tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file.
local
low complexity
iain-lea
4.6
1999-11-16 CVE-1999-1051 Unspecified vulnerability in Matt Wright Formhandler.Cgi 1.0/2.0/3.0
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter.
network
low complexity
matt-wright
5.0
1999-11-14 CVE-1999-1528 Unspecified vulnerability in Prosoft Engineering Netware Client 5.12
ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users of the same system access to the unprotected NDS session.
local
low complexity
prosoft-engineering
4.6
1999-11-14 CVE-1999-1110 Unspecified vulnerability in Microsoft Internet Explorer 5.0
Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.
network
low complexity
microsoft
5.0
1999-11-12 CVE-1999-1050 Unspecified vulnerability in Matt Wright Formhandler.Cgi 1.0/2.0/3.0
Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a ..
network
low complexity
matt-wright
5.0
1999-11-11 CVE-2000-0329 Unspecified vulnerability in Microsoft products
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
network
high complexity
microsoft
5.1
1999-11-10 CVE-1999-0849 Unspecified vulnerability in ISC Bind
Denial of service in BIND named via maxdname.
network
low complexity
isc
5.0
1999-11-10 CVE-1999-0848 Denial of service in BIND named via consuming more than "fdmax" file descriptors.
network
low complexity
isc sun
5.0
1999-11-08 CVE-1999-1550 Unspecified vulnerability in F5 Tmos 2.0
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter.
network
low complexity
f5
5.0
1999-11-08 CVE-1999-0863 Unspecified vulnerability in Freebsd 3.3
Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI.
local
low complexity
freebsd
4.6