Weekly Vulnerabilities Reports > January 5 to 11, 2004
Overview
3 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 2 high severity vulnerabilities. This weekly summary report vulnerabilities in 3 products from 3 vendors including Xchat, Ethereal, and Freescripts. Vulnerabilities are notably categorized as "NULL Pointer Dereference", and "Origin Validation Error".
- 3 reported vulnerabilities are remotely exploitables.
- 3 reported vulnerabilities are exploitable by an anonymous user.
- Xchat has the most reported vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|
2 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2004-01-05 | CVE-2003-1013 | Ethereal | NULL Pointer Dereference vulnerability in Ethereal The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. | 7.5 |
| 2004-01-05 | CVE-2003-1000 | Xchat | NULL Pointer Dereference vulnerability in Xchat 2.0.6 xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number, which causes a null dereference. | 7.5 |
1 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2004-01-05 | CVE-2003-0981 | Freescripts | Origin Validation Error vulnerability in Freescripts Visitorbook LE FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting (XSS) attacks. | 6.1 |
0 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|