Weekly Vulnerabilities Reports > December 27, 2004 to January 2, 2005
Overview
1047 new vulnerabilities reported during this period, including 62 critical vulnerabilities and 301 high severity vulnerabilities. This weekly summary report vulnerabilities in 879 products from 559 vendors including Microsoft, IBM, Mozilla, SUN, and GNU. Vulnerabilities are notably categorized as "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", and "Path Traversal".
- 894 reported vulnerabilities are remotely exploitables.
- 11 reported vulnerabilities have public exploit available.
- 40 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 1024 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 32 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
62 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-12-31 | CVE-2004-2734 | Novell | Improper Authentication vulnerability in Novell Netware 6.5 webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder. | 10.0 |
2004-12-31 | CVE-2004-2689 | Newsphp | Permissions, Privileges, and Access Controls vulnerability in Newsphp NewsPHP allows remote attackers to gain unauthorized administrative access by setting a cookie to the "autorized=admin; root=admin" value. | 10.0 |
2004-12-31 | CVE-2004-2645 | ASN 1 Compiler | Multiple Unspecified vulnerability in Asn.1 Compiler Asn.1 Compiler 0.9.4/0.9.5/0.9.6 Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "CHOICE" types with "indefinite length structures." | 10.0 |
2004-12-31 | CVE-2004-2644 | ASN 1 Compiler | Multiple Unspecified vulnerability in Asn.1 Compiler Asn.1 Compiler 0.9.4/0.9.5/0.9.6 Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "ANY" type tags. | 10.0 |
2004-12-31 | CVE-2004-2627 | SUN | Remote Security vulnerability in Java 2 Micro Edition Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code. | 10.0 |
2004-12-31 | CVE-2004-2623 | Matthew Skala | Remote Security vulnerability in Rippy The Aggregator Unknown vulnerability in Rippy the Aggregator before 0.10, when register_globals is enabled, has unknown attack vectors and impact, possibly related to the "user-controlled filter." | 10.0 |
2004-12-31 | CVE-2004-2622 | Altiris | Remote Command Execution vulnerability in Altiris Deployment Server AClient.exe in Altiris Deployment Solution 6.x and 5.x does not require authentication from the first Deployment Server that it connects to, which allows remote malicious servers to gain administrator access. | 10.0 |
2004-12-31 | CVE-2004-2613 | Vserver | Remote Security vulnerability in Linux-VServer Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc entries from a vserver context", a different vulnerability than CVE-2004-2408. | 10.0 |
2004-12-31 | CVE-2004-2590 | Meindlsoft | Unspecified vulnerability in Meindlsoft Cute PHP Library 0.46 Unspecified vulnerability in meindlSOFT Cute PHP Library (aka cphplib) 0.46 has unknown impact and attack vectors, related to regular expressions. | 10.0 |
2004-12-31 | CVE-2004-2537 | Netwin | Unspecified vulnerability in NetWin SurgeMail Webmail Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug." | 10.0 |
2004-12-31 | CVE-2004-2532 | Solarwinds | Credentials Management vulnerability in Solarwinds Serv-U File Server Serv-U FTP server before 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then using the SITE EXEC command. | 10.0 |
2004-12-31 | CVE-2004-2513 | Pmail | Remote Security vulnerability in Pmail Pegasus 4.01 Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command. | 10.0 |
2004-12-31 | CVE-2004-2500 | Ilohamail | Unspecified vulnerability in IlohaMail Unknown vulnerability in IlohaMail before 0.8.14-rc1 has unknown impact and attack vectors. | 10.0 |
2004-12-31 | CVE-2004-2470 | Madbms | Login vulnerability in MadBMS Unspecified vulnerability in MadBMS before 1.1.5 has unknown impact and attack vectors, related to logins. | 10.0 |
2004-12-31 | CVE-2004-2453 | Tutti Nova | Multiple Unspecified vulnerability in Tutti Nova Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors. | 10.0 |
2004-12-31 | CVE-2004-2441 | Kerio | Unspecified vulnerability in Kerio Mailserver 6.0/6.0.1/6.0.2 Unspecified vulnerability in Kerio MailServer before 6.0.3 has unknown impact and unknown remote attack vectors, related to a "potential security issue." | 10.0 |
2004-12-31 | CVE-2004-2427 | Axis | Denial-Of-Service vulnerability in 2420 Video Server Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to (1) admin/getparam.cgi, (2) admin/systemlog.cgi, (3) admin/serverreport.cgi, and (4) admin/paramlist.cgi, modify system information via (5) setparam.cgi and (6) factorydefault.cgi, or (7) cause a denial of service (reboot) via restart.cgi. | 10.0 |
2004-12-31 | CVE-2004-2421 | Hitachi | Remote vulnerability in Hitachi JP1 P-1B41-9461, JP1 P-1B41-9471 and JP1 P-1J41-9471 Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7, when running on HP-UX in trusted mode, allows attackers to bypass authentication and gain administrator rights. | 10.0 |
2004-12-31 | CVE-2004-2407 | Phpgroupware | Remote Security vulnerability in Phpgroupware Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality. | 10.0 |
2004-12-31 | CVE-2004-2406 | Phpgroupware | Remote Security vulnerability in Phpgroupware Unknown "overflow" in the phpgw_config table for phpGroupWare before 0.9.14.002 has unknown attack vectors and impact. | 10.0 |
2004-12-31 | CVE-2004-2403 | Yabb | Unspecified vulnerability in Yabb Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters. | 10.0 |
2004-12-31 | CVE-2004-2388 | IBM | Privilege Escalation vulnerability in IBM AIX 4.3.3 rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user. | 10.0 |
2004-12-31 | CVE-2004-2359 | Dell | Local Privilege Escalation vulnerability in Dell Truemobile 1300 Wlan Mini-Pci Card Util Trayapplet 3.10.39.0 Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does not properly drop SYSTEM privileges when started from the systray applet, which allows local users to gain privileges by accessing the Help functionality. | 10.0 |
2004-12-31 | CVE-2004-2289 | Microsoft | Unspecified vulnerability in Microsoft Windows XP Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file containing a .ShellClassInfo specifier with a CLSID value that is associated with an executable file. | 10.0 |
2004-12-31 | CVE-2004-2284 | Open Webmail | Remote Command Execution Variant vulnerability in Open WebMail Vacation.PL The read_list_from_file function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument. | 10.0 |
2004-12-31 | CVE-2004-2281 | IBM | Java Applet vulnerability in IBM Lotus Notes Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3. | 10.0 |
2004-12-31 | CVE-2004-2275 | I Mall Commerce | Remote Command Execution vulnerability in I-Mall Commerce I-mall Script i-mall.cgi in I-Mall Commerce allows remote attackers to execute arbitrary commands via shell metacharacters via the p parameter. | 10.0 |
2004-12-31 | CVE-2004-2248 | Goosequill | Remote Security vulnerability in Goosequill Remoteeditor 0.1.1 Unknown vulnerability in RemoteEditor before 0.1.1 has unknown impact and attack vectors, related to "oversize submissions." | 10.0 |
2004-12-31 | CVE-2004-2247 | Goosequill | Remote Security vulnerability in Goosequill Audienceconnect 1.0.Beta.20 Unknown vulnerability in the "admin of paypal email addresses" in AudienceConnect before 1.0.beta.21 has unknown impact and attack vectors. | 10.0 |
2004-12-31 | CVE-2004-2237 | Moodle | Unspecified vulnerability in Moodle Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts." | 10.0 |
2004-12-31 | CVE-2004-2236 | Moodle | Unspecified vulnerability in Moodle Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting. | 10.0 |
2004-12-31 | CVE-2004-2235 | Moodle | Remote Security vulnerability in Moodle 1.1.1 Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text. | 10.0 |
2004-12-31 | CVE-2004-2233 | Moodle | Unspecified vulnerability in Moodle Unknown "front page vulnerability with Moodle servers" for Moodle before 1.3.2 has unknown impact and attack vectors. | 10.0 |
2004-12-31 | CVE-2004-2159 | Xmlstarlet | Buffer Overflow vulnerability in Xmlstarlet Command Line XML Toolkit 0.9.3 Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c. | 10.0 |
2004-12-31 | CVE-2004-2156 | Recruitment Agency Software | Security vulnerability in Recruitment Agency Software Online Recruitment Agency 1.0 Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have unknown impact and attack vectors. | 10.0 |
2004-12-31 | CVE-2004-2153 | Real Estate Management Software | Multiple Unspecified vulnerability in Real Estate Management Software Real Estate Management Software 1.0 Multiple unknown vulnerabilities in Real Estate Management Software 1.0 have unknown impact and attack vectors. | 10.0 |
2004-12-31 | CVE-2004-2142 | Jorg Schilling | Remote Security vulnerability in SDD 1.28/1.31 Unknown vulnerability in the remote tape support (remote.c) in the RMT client for Jorg Schilling sdd 1.28 and 1.31 has unknown impact and attack vectors. | 10.0 |
2004-12-31 | CVE-2004-2114 | Internetnow | Stack and Heap Overflow vulnerability in Internetnow Proxynow 2.6/2.75 Stack-based and heap-based buffer overflows in ProxyNow! 2.75 and earlier allow remote attackers to execute arbitrary code via a GET request with a long ftp:// URL. | 10.0 |
2004-12-31 | CVE-2004-2048 | Esesix | Multiple vulnerability in eSeSIX Thintune Thin Client Devices radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access. | 10.0 |
2004-12-31 | CVE-2004-1903 | Blaxxun | Buffer Overflow vulnerability in Blaxxun Contact 3D 7.0 Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute arbitrary code via a long URL property inside an object tag. | 10.0 |
2004-12-31 | CVE-2004-1898 | Tildeslash | Remote vulnerability in Multiple Monit Administration Interface Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username. | 10.0 |
2004-12-31 | CVE-2004-1812 | Broadcom | Unspecified vulnerability in Broadcom Unicenter TNG 2.4/2.4.2 Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code. | 10.0 |
2004-12-31 | CVE-2004-1763 | Haht Commerce | Buffer Overrun vulnerability in HAHTsite Scenario Server Project File Name Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long project name. | 10.0 |
2004-12-31 | CVE-2004-1486 | HP | Remote vulnerability in HP ServiceGuard Undisclosed Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and Cluster Object Manager A.01.03 and B.01.04 through B.03.00.01 on HP-UX, Serviceguard A.11.14.04 and A.11.15.04 and Cluster Object Manager B.02.01.02 and B.02.02.02 on HP Linux, allow remote attackers to gain privileges via unknown attack vectors. | 10.0 |
2004-12-31 | CVE-2004-1483 | Symantec | Multiple vulnerability in Symantec Clientless VPN Gateway 4400 5.0 Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact. | 10.0 |
2004-12-31 | CVE-2004-1463 | Moinmoin | Privilege Escalation vulnerability in MoinMoin PageEditor Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, related to Access Control Lists (ACL), has unknown impact. | 10.0 |
2004-12-31 | CVE-2004-1402 | Iwebnegar | SQL Injection vulnerability in IWebNegar SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via (1) the string parameter for index.php, (2) comments.php, or (3) the administrator login page. | 10.0 |
2004-12-31 | CVE-2004-1390 | QNX | Local Buffer Overrun vulnerability in QNX Rtos and RTP Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscript, (10) nodetach, (11) remote_mac, or (12) local_mac flags. | 10.0 |
2004-12-31 | CVE-2004-1236 | Netscape | Remote Buffer Overflow vulnerability in Netscape Directory Server 3.6 Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code. | 10.0 |
2004-12-31 | CVE-2004-1050 | Avaya Microsoft | Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability." | 10.0 |
2004-12-31 | CVE-2004-1017 | Linux | Local Integer Overflow vulnerability in Linux Kernel 2.4.0 Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors. | 10.0 |
2004-12-31 | CVE-2004-0985 | Microsoft | Remote Security vulnerability in Microsoft IE 6.0 Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that is interpreted in the Local Zone by HTML Help. | 10.0 |
2004-12-31 | CVE-2004-0904 | Mozilla Netscape Conectiva Redhat | Integer Overflow vulnerability in Mozilla Browser BMP Image Decoding Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. | 10.0 |
2004-12-31 | CVE-2004-0429 | Apple | Remote Security vulnerability in Apple mac OS X 10.2.8/10.3.3 Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors. | 10.0 |
2004-12-31 | CVE-2004-0090 | Apple | Unspecified vulnerability in Apple mac OS X and mac OS X Server Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors. | 10.0 |
2004-12-31 | CVE-2004-2214 | Mbedthis | Improper Handling of Case Sensitivity vulnerability in Mbedthis Appweb Http Server 1.0.4 Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters. | 9.8 |
2004-12-31 | CVE-2004-2154 | Apple Canonical | Improper Handling of Case Sensitivity vulnerability in multiple products CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. | 9.8 |
2004-12-31 | CVE-2004-2692 | Kyberdigi Labs | Permissions, Privileges, and Access Controls vulnerability in Kyberdigi Labs PHP-Exec-Dir The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mode disabled allows remote attackers to bypass restrictions and execute arbitrary commands via a backtick operator, which is not handled using the php_escape_shell_cmd function. | 9.3 |
2004-12-31 | CVE-2004-2687 | Apple Samba | Configuration vulnerability in multiple products distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. | 9.3 |
2004-12-31 | CVE-2004-1441 | Board Power | Cross-Site Scripting vulnerability in Board Power Board Power 2.04Pf Cross-site scripting (XSS) vulnerability in icq.cgi in Board Power 2.04PF allows remote attackers to inject arbitrary web script or HTML via the action parameter. | 9.3 |
2004-12-31 | CVE-2004-2700 | Aspdotnetstorefront | Permissions, Privileges, and Access Controls vulnerability in Aspdotnetstorefront 3.3 Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx. | 9.0 |
2004-12-31 | CVE-2004-2673 | Argosoft | Multiple vulnerability in ArGoSoft FTP Server Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a long first or second argument, or (2) a SITE COPY with a long argument. | 9.0 |
301 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-12-31 | CVE-2004-1842 | Phpnuke | Cross-Site Request Forgery (CSRF) vulnerability in PHPnuke PHP-Nuke Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php. | 8.8 |
2004-12-31 | CVE-2004-2690 | Newsphp | File-Upload vulnerability in newsPHP Unrestricted file upload vulnerability in the Administration Panel for NewsPHP allows remote authenticated administrators to upload and execute arbitrary code instead of video files. | 8.5 |
2004-12-31 | CVE-2004-2111 | Solarwinds | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Solarwinds Serv-U File Server Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename. | 8.5 |
2004-12-31 | CVE-2004-0638 | Oracle | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Oracle Oracle8I and Oracle9I Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument. | 8.5 |
2004-12-31 | CVE-2004-2745 | Anteco Visual Technologies | Path Traversal vulnerability in Anteco Visual Technologies Ownserver Directory traversal vulnerability in Anteco Visual Technologies OwnServer 1.0 and earlier allows remote attackers to read arbitrary files via a .. | 7.8 |
2004-12-31 | CVE-2004-2679 | Checkpoint | Information Disclosure vulnerability in Checkpoint Firewall-1 4.0/4.1/R55 Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information. | 7.8 |
2004-12-31 | CVE-2004-2652 | Sourcefire | Remote Denial Of Service vulnerability in Snort DecodeTCPOptions The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference. | 7.8 |
2004-12-31 | CVE-2004-2629 | First Virtual Communications | Denial-Of-Service vulnerability in Conference Server Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Meet Express (when used with H.323 conferencing endpoints), Click to Meet Premier, Conference Server, and V-Gate allow remote attackers to cause a denial of service, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | 7.8 |
2004-12-31 | CVE-2004-2583 | Smartertools | Denial-Of-Service vulnerability in Smartertools Smartermail 1.6.1511/1.6.1529 SMTP service in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous open connections to TCP port 25. | 7.8 |
2004-12-31 | CVE-2004-2539 | Network Appliance | Remote Undisclosed Denial Of Service vulnerability in Network Appliance Data Ontap and Netcache Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote attackers to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vectors, possibly related to unspecified worms, as identified by bug ID | 7.8 |
2004-12-31 | CVE-2004-2534 | Fastream | Denial Of Service vulnerability in Fastream NetFile FTP/Web Server HEAD Request Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of service (connection consumption) by sending a large number HTTP HEAD requests. | 7.8 |
2004-12-31 | CVE-2004-2531 | GNU | Denial Of Service vulnerability in GNU Gnutls 1.0.16 X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys. | 7.8 |
2004-12-31 | CVE-2004-2499 | Hitachi | Denial Of Service vulnerability in Hitachi Web Page Generator Unspecified vulnerability in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier allows remote attackers to cause a denial of service via unknown attack vectors when a web site is "improperly accessed." | 7.8 |
2004-12-31 | CVE-2004-2496 | Opentext | Remote Denial Of Service vulnerability in OpenText FirstClass HTTP Daemon Search Function The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service (service availability loss) via a large number of POST requests to /Search. | 7.8 |
2004-12-31 | CVE-2004-2495 | Code Crafters | Multiple vulnerability in Code-Crafters Ability Mail Server 1.18 The (1) Webmail, (2) admin, and (3) SMTP services in Ability Mail Server 1.18 allow remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous connections to the service. | 7.8 |
2004-12-31 | CVE-2004-2013 | Linux | Integer Overflow or Wraparound vulnerability in Linux Kernel Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory. | 7.8 |
2004-12-31 | CVE-2004-1896 | Nullsoft | Heap Overflow vulnerability in NullSoft Winamp in_mod.dll Plug-in Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attackers to execute arbitrary code via a Fasttracker 2 (.xm) mod media file. | 7.6 |
2004-12-31 | CVE-2004-2758 | SUN | Denial-Of-Service vulnerability in Sunforum 3.2/3D1.0 Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | 7.5 |
2004-12-31 | CVE-2004-2754 | Yabb | SQL Injection vulnerability in Yabb SE SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions. | 7.5 |
2004-12-31 | CVE-2004-2746 | Pensacola WEB Designs | SQL Injection vulnerability in Pensacola web Designs Xtremeasp Photogallery 2.0 SQL injection vulnerability in adminlogin.asp in XTREME ASP Photo Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 7.5 |
2004-12-31 | CVE-2004-2739 | Phprojekt | Permissions, Privileges, and Access Controls vulnerability in PHProjekt The setup routine (setup.php) in PHProjekt 4.2.1 and earlier allows remote attackers to modify system configuration via unknown attack vectors. | 7.5 |
2004-12-31 | CVE-2004-2737 | Netsupport | SQL Injection vulnerability in Netsupport DNA Helpdesk 1.01 SQL injection vulnerability in problist.asp in NetSupport DNA HelpDesk 1.01 allows remote attackers to execute arbitrary SQL commands via the where parameter. | 7.5 |
2004-12-31 | CVE-2004-2716 | PHP Heaven | SQL Injection vulnerability in PHP Heaven PHPmychat 0.14.5 Multiple SQL injection vulnerabilities in usersL.php3 in PHPMyChat 0.14.5 allow remote attackers to execute arbitrary SQL commands via the (1) sortBy, (2) sortOrder, (3) startReg, (4) U, (5) LastCheck , and (6) R parameters. | 7.5 |
2004-12-31 | CVE-2004-2715 | PHP Heaven | Improper Authentication vulnerability in PHP Heaven PHPmychat 0.14.5 edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false. | 7.5 |
2004-12-31 | CVE-2004-2711 | Phrozensmoke | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Phrozensmoke Gyach Enhanced Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "avatar retrieval." | 7.5 |
2004-12-31 | CVE-2004-2710 | Phrozensmoke | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Phrozensmoke Gyach Enhanced Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) sending certain typing statuses or (2) setting the chat room status bar to the current chat room name. | 7.5 |
2004-12-31 | CVE-2004-2709 | Phrozensmoke | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Phrozensmoke Gyach Enhanced Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags. | 7.5 |
2004-12-31 | CVE-2004-2707 | Phrozensmoke | Undisclosed vulnerability in GYach Enhanced Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.5 have unknown impact and attack vectors related to "several security flaws," probably related to buffer overflows in HTTP server responses. | 7.5 |
2004-12-31 | CVE-2004-2695 | Jelsoft Point TO Point Protocol Project | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Authorize.net callback code (subscriptions/authorize.php) in Jelsoft vBulletin 3.0 through 3.0.3 allows remote attackers to execute arbitrary SQL statements via the x_invoice_num parameter. | 7.5 |
2004-12-31 | CVE-2004-2685 | Youngzsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Youngzsoft Ccproxy Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416. | 7.5 |
2004-12-31 | CVE-2004-2681 | Peersec Networks | Cross-Site Scripting vulnerability in MatrixSSL PeerSec MatrixSSL before 1.1 caches session keys for an indefinitely long time, which might make it easier for remote attackers to hijack a session. | 7.5 |
2004-12-31 | CVE-2004-2677 | Qwikmail | Remote Format String vulnerability in Qwikmail Smtp 0.3 Format string vulnerability in qwik-smtpd.c in QwikMail SMTP (qwik-smtpd) 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the (1) clientRcptTo array, and the (2) Received and (3) messageID variables, possibly involving HELO and hostname arguments. | 7.5 |
2004-12-31 | CVE-2004-2672 | Argosoft | Remote Security vulnerability in Argosoft FTP Server 1.4.2 Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors. | 7.5 |
2004-12-31 | CVE-2004-2669 | Neocrome | Remote SQL Injection vulnerability in Neocrome Land Down Under 701 Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 allow remote attackers to execute arbitrary SQL commands or obtain the installation path via parameters including (1) s, w, and d in users.php, (2) id in comments.php, (3) rusername in auth.php, or (4) h in plug.php. | 7.5 |
2004-12-31 | CVE-2004-2668 | Interchange Development Group | SQL-Injection vulnerability in Interchange SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2004-12-31 | CVE-2004-2663 | IBM | Unspecified vulnerability in IBM Egatherer 2.0.0.16 The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder. | 7.5 |
2004-12-31 | CVE-2004-2653 | PD9 Software | Remote Security vulnerability in Megabbs 2.0/2.1 Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows attackers to gain privileges via unknown vectors involving (1) admin/userlevelmembers-edit.asp and (2) admin/edit-groups.asp. | 7.5 |
2004-12-31 | CVE-2004-2639 | Drew Withers | Remote Security vulnerability in Journalness Unspecified vulnerability in Journalness 3.0.7 and earlier allows remote attackers to create or modify posts via unknown attack vectors. | 7.5 |
2004-12-31 | CVE-2004-2638 | Oscommerce | Unspecified vulnerability in Oscommerce 1.5.1 The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote attackers to access files in the "admin/" directory by modifying the in_login parameter to a non-zero value. | 7.5 |
2004-12-31 | CVE-2004-2635 | Mcafee | Information Disclosure vulnerability in Mcafee Security Installer Control System 4.0.0.81 An ActiveX control for McAfee Security Installer Control System 4.0.0.81 allows remote attackers to access the Windows registry via web pages that use the control's RegQueryValue() method. | 7.5 |
2004-12-31 | CVE-2004-2632 | Phpmyadmin | Input Validation vulnerability in phpMyAdmin phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables. | 7.5 |
2004-12-31 | CVE-2004-2631 | Phpmyadmin | Input Validation vulnerability in phpMyAdmin Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name. | 7.5 |
2004-12-31 | CVE-2004-2630 | Phpmyadmin | Remote Command Execution vulnerability in phpMyAdmin The MIME transformation system (transformations/text_plain__external.inc.php) in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors. | 7.5 |
2004-12-31 | CVE-2004-2619 | Paul L Daniels | Unspecified vulnerability in Paul L Daniels Ripmime ripMIME 1.3.2.3 and earlier allows remote attackers to bypass e-mail protection via a base64 MIME encoded attachment containing invalid characters that are not properly extracted. | 7.5 |
2004-12-31 | CVE-2004-2614 | Xuebrothers | Buffer Overflow vulnerability in Xuebrothers Myweb 3.3 Buffer overflow in MyWeb 3.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | 7.5 |
2004-12-31 | CVE-2004-2612 | BNC | Authentication Bypass vulnerability in BNC 2.9.0 BNC 2.9.0 only grants access when an incorrect password is provided, which allows remote attackers to use the functionality intended for authorized users. | 7.5 |
2004-12-31 | CVE-2004-2606 | Linksys | Remote Administration Service Weakness in Linksys WRT54G Router World Accessible The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled. | 7.5 |
2004-12-31 | CVE-2004-2593 | ID Software | Remote vulnerability in ID Software Quake II Server 3.20/3.21 Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a packet with a long cmd_args buffer. | 7.5 |
2004-12-31 | CVE-2004-2579 | Novell | Remote vulnerability in Novell Ichain 2.3 ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding." | 7.5 |
2004-12-31 | CVE-2004-2573 | Phpgroupware | Remote File Include vulnerability in PHPgroupware 0.9.14.003 PHP remote file inclusion vulnerability in tables_update.inc.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to execute arbitrary PHP code via an external URL in the appdir parameter. | 7.5 |
2004-12-31 | CVE-2004-2571 | Enderunix | Buffer Overflow vulnerability in Isoqlog Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the (1) parseQmailFromBytesLine, (2) parseQmailToRemoteLine, (3) parseQmailToLocalLine, (4) parseSendmailFromBytesLine, (5) parseSendmailToLine, (6) parseEximFromBytesLine, and (7) parseEximToLine functions in Parser.c; allow local users to execute arbitrary code via the (8) lowercase and (9) check_syslog_date functions in Parser.c, and (10) unspecified functions in Dir.c; and allow unspecified attackers to execute arbitrary code via the (11) loadconfig and (12) removespaces functions in loadconfig.c, the (13) loadLang function in LangCfg.c, and (14) unspecified functions in Html.c. | 7.5 |
2004-12-31 | CVE-2004-2567 | Recipants | SQL Injection and Cross-Site Scripting vulnerability in ReciPants Multiple SQL injection vulnerabilities in ReciPants 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) user id, (2) recipe id, (3) category id, and (4) other ID number fields. | 7.5 |
2004-12-31 | CVE-2004-2561 | Internet Sofware Sciences | SQL Injection vulnerability in Internet Sofware Sciences Web+Center 4.0.1 Multiple SQL injection vulnerabilities in Internet Software Sciences Web+Center 4.0.1 allow remote attackers to execute arbitrary SQL commands via (1) the ISS_TECH_CENTER_LOGIN cookie in search.asp and (2) one or more cookies in DoCustomerOptions.asp. | 7.5 |
2004-12-31 | CVE-2004-2560 | Andreas Gohr | Remote Arbitrary File Upload vulnerability in DokuWiki DokuWiki before 2004-10-19, when used on a web server that permits execution based on file extension, allows remote attackers to execute arbitrary code by uploading a file with an appropriate extension such as ".php" or ".cgi". | 7.5 |
2004-12-31 | CVE-2004-2559 | Andreas Gohr | Denial-Of-Service vulnerability in Dokuwiki DokuWiki before 2004-10-19 allows remote attackers to access administrative functionality including (1) Mediaselectiondialog, (2) Recent changes, (3) feed, and (4) search, possibly due to the lack of ACL checks. | 7.5 |
2004-12-31 | CVE-2004-2558 | IBM | Product Unspecified Credential Impersonation vulnerability in IBM Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack." | 7.5 |
2004-12-31 | CVE-2004-2551 | Layton Technology | SQL Injection vulnerability in Layton Technology Helpbox 3.0.1 Multiple SQL injection vulnerabilities in Layton HelpBox 3.0.1 allow remote attackers to execute arbitrary SQL commands via (1) the sys_comment_id parameter in editcommentenduser.asp, (2) the sys_suspend_id parameter in editsuspensionuser.asp, (3) the table parameter in export_data.asp, (4) the sys_analgroup parameter in manageanalgrouppreference.asp, (5) the sys_asset_id parameter in quickinfoassetrequests.asp, (6) the sys_eusername parameter in quickinfoenduserrequests.asp, and the sys_request_id parameter in (7) requestauditlog.asp, (8) requestcommentsenduser.asp, (9) selectrequestapplytemplate.asp, and (10) selectrequestlink.asp, resulting in an ability to create a new HelpBox user account and read, modify, or delete data from the backend database. | 7.5 |
2004-12-31 | CVE-2004-2542 | Dynix | Undisclosed SQL Injection vulnerability in Dynix WebPac Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases. | 7.5 |
2004-12-31 | CVE-2004-2536 | Linux | Local IO Access Inheritance vulnerability in Linux Kernel The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does not drop those permissions when it exits, which allows other processes to access the per-TSS pointers, access restricted memory locations, and possibly gain privileges. | 7.5 |
2004-12-31 | CVE-2004-2501 | Mailenable | Remote Pre-Authentication Buffer Overflow vulnerability in MailEnable IMAP Service Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection. | 7.5 |
2004-12-31 | CVE-2004-2486 | Dropbear SSH Project | Authentication vulnerability in Dropbear SSH Server Digital Signature Standard The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access. | 7.5 |
2004-12-31 | CVE-2004-2478 | CA IBM Jetty | Directory Traversal vulnerability in Jetty Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Trading Partner Interchange before 4.2.4, (2) CA Unicenter Web Services Distributed Management (WSDM) before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. | 7.5 |
2004-12-31 | CVE-2004-2474 | Phpnews | SQL Injection vulnerability in PHPnews 1.2.3 SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers to execute arbitrary SQL commands via the mid parameter to sendtofriend.php. | 7.5 |
2004-12-31 | CVE-2004-2471 | Jamesoff | Parameter Unspecified SQL Injection vulnerability in JamesOff Quoteengine 1.0/1.1 SQL injection vulnerability in the sloth TCL script in QuoteEngine before 1.2.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2004-12-31 | CVE-2004-2461 | GNU | Remote POP3 Protocol vulnerability in gnubiff Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code. | 7.5 |
2004-12-31 | CVE-2004-2456 | Minibb | Remote SQL Injection vulnerability in MiniBB SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action. | 7.5 |
2004-12-31 | CVE-2004-2455 | Sweex | Unspecified vulnerability in Sweex Wireless Broadband Router Accesspoint 802.11G Lc000060 Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file. | 7.5 |
2004-12-31 | CVE-2004-2443 | Jaws | Input Validation vulnerability in Jaws 0.2/0.3 Jaws 0.3 allows remote attackers to bypass authentication and via an HTTP request to admin.php with the logged cookie set to the MD5 hash of a null password, which is compared against the logged session variable by the logged_on function in application.php. | 7.5 |
2004-12-31 | CVE-2004-2437 | PHP Fusion | SQL and HTML Injection vulnerability in PHP Fusion PHP Fusion 4.01 SQL injection vulnerability in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the rowstart parameter to (1) index.php or (2) members.php, or (3) the comment_id parameter to comments.php. | 7.5 |
2004-12-31 | CVE-2004-2433 | Altnet Grokster Kazaa | Remote Buffer Overflow vulnerability in Altnet ADM ActiveX Control Buffer overflow in the IsValidFile function in the ADM ActiveX control for Altnet Download Manager 4.0.0.4 and earlier, as used in Kazaa Media Desktop 1.3 through 2.6.4 and Grokkster 1.3 through 2.6, allows remote attackers to execute arbitrary code via a long bstrFilepath parameter. | 7.5 |
2004-12-31 | CVE-2004-2431 | THE Ignition Project | Authentication Bypass vulnerability in ignitionServer Server Link Service Unknown vulnerability in The Ignition Project ignitionServer 0.1.2 through 0.3.1, with the linking service enabled, allows remote attackers to bypass authentication. | 7.5 |
2004-12-31 | CVE-2004-2429 | Enderunix Software | Buffer Overflow vulnerability in Spamguard Multiple stack-based and heap-based buffer overflows in EnderUNIX spamGuard before 1.7-BETA allow remote attackers to execute arbitrary code via the (1) qmail_parseline and (2) sendmail_parseline functions in parser.c, (3) loadconfig and (4) removespaces functions in loadconfig.c, and possibly (5) unspecified functions in functions.c. | 7.5 |
2004-12-31 | CVE-2004-2425 | Axis | Multiple vulnerability in Axis Network Camera And Video Server Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent (`) and possibly other shell metacharacters in the query string to virtualinput.cgi. | 7.5 |
2004-12-31 | CVE-2004-2417 | Smtp Proxy | Remote Format String vulnerability in Smtp.Proxy 1.1.3 Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) client hostname or (2) message-id, which are injected into a syslog message. | 7.5 |
2004-12-31 | CVE-2004-2416 | Youngzsoft | Remote Buffer Overflow vulnerability in Youngzsoft Ccproxy 6.0 Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request. | 7.5 |
2004-12-31 | CVE-2004-2413 | Virtual Programming | SQL Injection vulnerability in Virtual Programming VP-ASP Shopproductselect Script SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 allows remote attackers to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp. | 7.5 |
2004-12-31 | CVE-2004-2412 | Virtual Programming | SQL Injection vulnerability in Virtual Programming VP-ASP Shopping Cart CatalogID Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp. | 7.5 |
2004-12-31 | CVE-2004-2401 | Ipswitch | Buffer Overrun vulnerability in Ipswitch Imail Express 8.03 Stack-based buffer overflow in Ipswitch IMail Express Web Messaging before 8.05 might allow remote attackers to execute arbitrary code via an HTML message with long "tag text." | 7.5 |
2004-12-31 | CVE-2004-2397 | Broadcom | Cleartext Storage of Sensitive Information vulnerability in Broadcom Bluecoat Security Gateway The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates. | 7.5 |
2004-12-31 | CVE-2004-2393 | SUN | Unspecified vulnerability in SUN Jsse 1.0.3/1.0.301/1.0.302 Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS. | 7.5 |
2004-12-31 | CVE-2004-2387 | Denis Sbragion Peter Astrand | Remote vulnerability in Sredird Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code. | 7.5 |
2004-12-31 | CVE-2004-2386 | Denis Sbragion Peter Astrand | USE of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function. | 7.5 |
2004-12-31 | CVE-2004-2376 | Twilight Utilities | Denial-Of-Service vulnerability in Twilight Utilities Twilight Utilities web Server 2.0.0.0 Buffer overflow in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request with a long attfile attribute. | 7.5 |
2004-12-31 | CVE-2004-2375 | 1ST Class Internet Solutions | Remote Buffer Overflow vulnerability in 1ST Class Internet Solutions 1ST Class Mail Server 4.0 Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an APOP USER command with a long second parameter (digest). | 7.5 |
2004-12-31 | CVE-2004-2373 | AOL | Unspecified vulnerability in AOL Instant Messenger The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. | 7.5 |
2004-12-31 | CVE-2004-2370 | Cerulean Studios | Remote Security vulnerability in Cerulean Studios Trillian and Trillian PRO Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name. | 7.5 |
2004-12-31 | CVE-2004-2350 | Phpbb Group | SQL Injection vulnerability in PHPBB Search.PHP Search_Results Parameter SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter. | 7.5 |
2004-12-31 | CVE-2004-2349 | Tunez | Remote SQL Injection vulnerability in Tunez Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow remote attackers to execute arbitrary SQL queries. | 7.5 |
2004-12-31 | CVE-2004-2347 | Leif M Wright | Remote Command Execution vulnerability in Leif M. Wright web Blog 1.1/1.1.5 blog.cgi in Leif M. | 7.5 |
2004-12-31 | CVE-2004-2341 | Isearch | Remote Security vulnerability in iSearch PHP file include injection vulnerability in isearch.inc.php for iSearch allows remote attackers to execute arbitrary code via the isearch_path parameter. | 7.5 |
2004-12-31 | CVE-2004-2340 | Even Balance | Remote SQL Injection vulnerability in PunkBuster Database ** UNVERIFIABLE ** SQL injection vulnerability in PunkBuster Screenshot Database (PB-DB) Alpha 6 allows remote attackers to execute arbitrary SQL commands via the username and password fields of the login form. | 7.5 |
2004-12-31 | CVE-2004-2338 | Openbsd | Unspecified vulnerability in Openbsd 3.3/3.4 OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions. | 7.5 |
2004-12-31 | CVE-2004-2326 | IP3 Networks | SQL Injection vulnerability in IP3 Networks products SQL injection vulnerability in IP3 Networks NetAccess Appliance before firmware 3.1.18b13 allows remote attackers to bypass authentication via the (1) login or (2) password. | 7.5 |
2004-12-31 | CVE-2004-2324 | Dotnetnuke | Multiple vulnerability in DotNetNuke SQL injection vulnerability in DotNetNuke (formerly IBuySpy Workshop) 1.0.6 through 1.0.10d allows remote attackers to modify the backend database via the (1) table and (2) field parameters in LinkClick.aspx. | 7.5 |
2004-12-31 | CVE-2004-2322 | Phpwebsite | SQL-Injection vulnerability in Phpwebsite SQL injection vulnerability in the (1) announce and (2) notes modules of phpWebSite before 0.9.3-2 allows remote attackers to execute arbitrary SQL queries, as demonstrated using the ANN_id parameter to the announce module. | 7.5 |
2004-12-31 | CVE-2004-2314 | Novell | Remote Security vulnerability in Novell Ichain 2.1/2.2 The Telnet listener for Novell iChain Server before 2.2 Field Patch 3b 2.2.116 does not have a password by default, which allows remote attackers to gain access. | 7.5 |
2004-12-31 | CVE-2004-2304 | Cerulean Studios | Remote Boundary Condition Error vulnerability in Cerulean Studios Trillian and Trillian PRO Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. | 7.5 |
2004-12-31 | CVE-2004-2299 | Omnicron | Buffer Overflow vulnerability in Omnicron OmniHTTPD Get Request Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote attackers to execute arbitrary code via an HTTP GET request with a long Range header. | 7.5 |
2004-12-31 | CVE-2004-2295 | Francisco Burzi | Input Validation vulnerability in PHP-Nuke SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to execute arbitrary SQL commands via the order parameter. | 7.5 |
2004-12-31 | CVE-2004-2291 | Microsoft | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script. | 7.5 |
2004-12-31 | CVE-2004-2290 | Microsoft | Microsoft Windows XP Explorer allows attackers to execute arbitrary code via a HTML and script in a self-executing folder that references an executable file within the folder, which is automatically executed when a user accesses the folder. | 7.5 |
2004-12-31 | CVE-2004-2286 | Activestate Larry Wall | Integer Overflow vulnerability in Multiple Perl Implementation Duplication Operator Integer overflow in the duplication operator in ActivePerl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a buffer overflow. | 7.5 |
2004-12-31 | CVE-2004-2271 | Minishare | Remote Buffer Overflow vulnerability in MiniShare Server Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | 7.5 |
2004-12-31 | CVE-2004-2266 | Ansel | Input Validation vulnerability in Ansel SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter. | 7.5 |
2004-12-31 | CVE-2004-2263 | Playsms | SQL Injection vulnerability in Anton Raharja PlaySMS Valid Function SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie. | 7.5 |
2004-12-31 | CVE-2004-2254 | Netwin | Authentication Bypass vulnerability in SurgeLDAP Web Administration SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter. | 7.5 |
2004-12-31 | CVE-2004-2250 | Goosequill | Remote Security vulnerability in Audienceconnect Remoteeditor Unknown vulnerability in the "access code" in RemoteEditor before 0.1.6 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions. | 7.5 |
2004-12-31 | CVE-2004-2249 | Goosequill | Remote Security vulnerability in Audienceconnect Secureeditor Unknown vulnerability in the "access code" in SecureEditor before 0.1.2 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions. | 7.5 |
2004-12-31 | CVE-2004-2243 | Phorum | Remote Security vulnerability in Phorum 4.3.7 Phorum allows remote attackers to hijack sessions of other users by stealing and replaying the session hash in the phorum_uriauth parameter, as demonstrated using profile.php. | 7.5 |
2004-12-31 | CVE-2004-2240 | Phorum | Cross-Site Scripting and SQL Injection vulnerability in Phorum 5.0.11 Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php. | 7.5 |
2004-12-31 | CVE-2004-2239 | Inter7 | Multiple vulnerability in Inter7 Vpopmail Vsybase.c Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code. | 7.5 |
2004-12-31 | CVE-2004-2234 | Moodle | Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators. | 7.5 |
2004-12-31 | CVE-2004-2221 | Mercantec | Buffer Overflow vulnerability in Mercantec Softcart 4.00B Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request. | 7.5 |
2004-12-31 | CVE-2004-2218 | Phpmywebhosting | SQL Injection vulnerability in PHPMyWebHosting SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter. | 7.5 |
2004-12-31 | CVE-2004-2212 | Alivesites | Remote Input Validation vulnerability in Alivesites Forum 2.0 SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL commands via the forum_id parameter. | 7.5 |
2004-12-31 | CVE-2004-2209 | Ideal Science | Remote Input Validation vulnerability in Ideal Science IdealBB SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2004-12-31 | CVE-2004-2206 | Natterchat | SQL Injection vulnerability in Natterchat 1.12 SQL injection vulnerability in NatterChat 1.12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2004-12-31 | CVE-2004-2203 | Ansel | Unspecified vulnerability in Ansel Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories. | 7.5 |
2004-12-31 | CVE-2004-2202 | Duware | Remote vulnerability in Duware Duclassified 4.0/4.1/4.2 Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attackers to bypass authentication and execute other commands on the server's underlying database via the (1) cat_id or (2) sub_id parameters in adDetail.asp, or (2) the password parameter in the login form. | 7.5 |
2004-12-31 | CVE-2004-2201 | Duware | Remote vulnerability in DUware Software SQL injection vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to execute arbitrary SQL commands via the FOR_ID parameter in messages.asp, (2) MSG_ID parameter in messageDetail.asp, or (3) password parameter in the login form. | 7.5 |
2004-12-31 | CVE-2004-2192 | Turbotraffictrader | Input Validation vulnerability in Turbotraffictrader PHP 1.0 SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter. | 7.5 |
2004-12-31 | CVE-2004-2189 | Dmxready | Cross-Site Scripting And SQL Injection vulnerability in DMXReady Site Chassis Manager SQL injection vulnerability in DMXReady Site Chassis Manager allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2004-12-31 | CVE-2004-2186 | Mediawiki | Remote Input Validation vulnerability in Mediawiki 1.3.5 SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers to execute arbitrary SQL commands via SpecialMaintenance. | 7.5 |
2004-12-31 | CVE-2004-2183 | Wehelpbus | Remote Command Execution vulnerability in Wehelpbus 0.1 Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to execute arbitrary shell commands via the query string. | 7.5 |
2004-12-31 | CVE-2004-2182 | Macromedia | Improper Authentication vulnerability in Macromedia Jrun 4.0/4.0Build61650 Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server. | 7.5 |
2004-12-31 | CVE-2004-2181 | Wowbb | Remote Input Validation vulnerability in WowBB Forum 1.61/1.65 Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id parameter to view_topic.php. | 7.5 |
2004-12-31 | CVE-2004-2178 | Devoybb | Remote Input Validation vulnerability in Devoybb web Forum 1.0 SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2004-12-31 | CVE-2004-2175 | ALL Enthusiast INC | SQL Injection vulnerability in All Enthusiast ReviewPost PHP PRO 2.5/2.5.1 Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php. | 7.5 |
2004-12-31 | CVE-2004-2173 | Early Impact | Multiple vulnerability in EarlyImpact ProductCart SQL injection vulnerability in advSearch_h.asp in EarlyImpact ProductCart allows remote attackers to execute arbitrary SQL commands via the priceUntil parameter. | 7.5 |
2004-12-31 | CVE-2004-2172 | Netsourcecommerce | Inadequate Encryption Strength vulnerability in Netsourcecommerce Productcart EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack. | 7.5 |
2004-12-31 | CVE-2004-2167 | Latex2Rtf | Remote Buffer Overflow vulnerability in Latex2Rtf 1.9.15 Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) TranslateCommand. | 7.5 |
2004-12-31 | CVE-2004-2166 | Canon | Unspecified vulnerability in Canon Imagerunner 5000I and Imagerunner C3200 The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25. | 7.5 |
2004-12-31 | CVE-2004-2163 | Openbsd | Authentication Bypass vulnerability in Openbsd 3.2/3.4/3.5 login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies. | 7.5 |
2004-12-31 | CVE-2004-2161 | Tutos | Remote Input Validation vulnerability in Tutos 1.120040414 SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | 7.5 |
2004-12-31 | CVE-2004-2158 | S9Y | Input Validation vulnerability in S9Y Serendipity 0.7Beta1 SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php. | 7.5 |
2004-12-31 | CVE-2004-2155 | Online Bookmarks | Authentication Bypass vulnerability in Online-Bookmarks Online-bookmarks before 0.4.6 allows remote attackers to bypass its authentication mechanism via a direct request to (1) config/*, (2) bookmarks.php, (3) footer.php, (4) main.php, (5) tree.php, or (6) functions.php. | 7.5 |
2004-12-31 | CVE-2004-2145 | PD9 Software | SQL-Injection vulnerability in Megabbs 2/2.1 SQL injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows remote attackers to execute arbitrary SQL commands via the (1) sortdir or (2) criteria parameter to ladder-log.asp or the (3) memberid or (4) teamid parameter to view-profile.asp. | 7.5 |
2004-12-31 | CVE-2004-2143 | Mambo | SQL Injection vulnerability in ReMOSitory SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option. | 7.5 |
2004-12-31 | CVE-2004-2110 | Phorum | SQL-Injection vulnerability in Phorum SQL injection vulnerability in register.php in Phorum before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the hide_email parameter. | 7.5 |
2004-12-31 | CVE-2004-2108 | Quadcomm | SQL Injection vulnerability in QuadComm Q-Shop Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or (9) newuser.asp. | 7.5 |
2004-12-31 | CVE-2004-2107 | Finjan Software | Unspecified vulnerability in Finjan Software Surfingate Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server. | 7.5 |
2004-12-31 | CVE-2004-2071 | Macallan | Authentication Bypass vulnerability in Macallan Mail Solution 2.8.4.6Build260 Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versions, allows remote attackers to bypass authentication in the web interface via an HTTP GET request with two slashes ("//") after the server name. | 7.5 |
2004-12-31 | CVE-2004-2065 | Daniel Barron | Unspecified vulnerability in Daniel Barron Dansguardian DansGuardian 2.8 and earlier allows remote attackers to bypass the extension filtering rule via a hex encoded extension or . | 7.5 |
2004-12-31 | CVE-2004-2062 | Antiboard | Input Validation vulnerability in AntiBoard SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to execute arbitrary SQL via the (1) thread_id, (2) parent_id, or (3) mode parameters. | 7.5 |
2004-12-31 | CVE-2004-2057 | Xlinesoft | Multiple vulnerability in XLineSoft ASPRunner SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements. | 7.5 |
2004-12-31 | CVE-2004-2056 | Nucleus Group | SQL-Injection vulnerability in Nucleus Group Nucleus CMS 3.01 SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows remote attackers to execute arbitrary SQL statements via the itemid parameter. | 7.5 |
2004-12-31 | CVE-2004-2052 | Esesix | Remote Security vulnerability in Thintune eSeSIX Thintune thin clients running firmware 2.4.38 and earlier accept any password that begins with the actual password, which makes it easier for users to conduct brute force password guessing. | 7.5 |
2004-12-31 | CVE-2004-2026 | Apsis | Remote Format String vulnerability in APSIS Pound Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages. | 7.5 |
2004-12-31 | CVE-2004-2025 | ZEN Cart | SQL-Injection vulnerability in ZEN Cart ZEN Cart 1.1.3 SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote attackers to execute arbitrary SQL commands via the products_id parameter. | 7.5 |
2004-12-31 | CVE-2004-2024 | ZEN Cart | Remote Security vulnerability in ZEN Cart ZEN Cart 1.1.4 The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php. | 7.5 |
2004-12-31 | CVE-2004-2023 | ZEN Cart | SQL Injection vulnerability in ZEN Cart ZEN Cart 1.1.2D/1.1.4 SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote attackers to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters. | 7.5 |
2004-12-31 | CVE-2004-2018 | Francisco Burzi | Unspecified vulnerability in Francisco Burzi PHP-Nuke PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2004-12-31 | CVE-2004-2016 | Netchat | Remote Buffer Overflow vulnerability in NetChat Web Server Stack-based buffer overflow in the HTTP server in NetChat 7.3 and earlier allows remote attackers to execute arbitrary code via a long GET request. | 7.5 |
2004-12-31 | CVE-2004-2010 | Phpshop | Remote PHP Script Execution vulnerability in PHPShop PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and earlier allows remote attackers to execute arbitrary PHP code by modifying the base_dir parameter to reference a URL on a remote web server that contains phpshop.cfg. | 7.5 |
2004-12-31 | CVE-2004-1966 | Openbb | Input Validation vulnerability in OpenBB Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php. | 7.5 |
2004-12-31 | CVE-2004-1962 | Protector System | Unspecified vulnerability in Protector System Protector System 1.15B1 SQL injection vulnerability in index.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection filters by using "/**/" sequences in the targeted fields. | 7.5 |
2004-12-31 | CVE-2004-1955 | Phprofession | Multiple vulnerability in PHProfession 2.5 SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter. | 7.5 |
2004-12-31 | CVE-2004-1949 | Postnuke Software Foundation | Module SQL Injection vulnerability in Postnuke Software Foundation Postnuke 0.726 SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitrary SQL via (1) the sif parameter to index.php in the Comments module or (2) timezoneoffset parameter to changeinfo.php in the Your_Account module. | 7.5 |
2004-12-31 | CVE-2004-1914 | Francisco Burzi Shiba Design | Multiple vulnerability in NukeCalendar SQL injection vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to execute arbitrary SQL commands via the eid parameter. | 7.5 |
2004-12-31 | CVE-2004-1904 | Panda | Remote Heap Overflow vulnerability in Panda Activescan 5.0 Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to execute arbitrary code via the Internacional property followed by a long string. | 7.5 |
2004-12-31 | CVE-2004-1900 | PAN Vision | Remote Format String vulnerability in Pan Vision IGI-2 Covert Strike Format string vulnerability in the logging function in IGI 2 Covert Strike server 1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in RCON commands. | 7.5 |
2004-12-31 | CVE-2004-1892 | Emule | Remote Buffer Overflow vulnerability in Emule 0.42D Stack-based buffer overflow in DecodeBase16 function, as used in the (1) IRC module and (2) web server in eMule 0.42d, allows remote attackers to execute arbitrary code via a long string. | 7.5 |
2004-12-31 | CVE-2004-1888 | Aborior | Remote Arbitrary Command Execution vulnerability in Aborior Encore Web Forum display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable. | 7.5 |
2004-12-31 | CVE-2004-1881 | Cactusoft | SQL Injection vulnerability in Cactusoft Cactushop 5.0/5.1 SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter. | 7.5 |
2004-12-31 | CVE-2004-1841 | MS Analysis | SQL Injection vulnerability in MS Analysis Website Traffic Analyzer 2.0 SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via the referer field in an HTTP request. | 7.5 |
2004-12-31 | CVE-2004-1836 | Invision Power Services | SQL Injection vulnerability in Invision Power Services Invision Power TOP Site List 1.0/1.1/1.1Rc2 SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action. | 7.5 |
2004-12-31 | CVE-2004-1835 | Invision Power Services | SQL Injection vulnerability in Invision Power Services Invision Gallery 1.0.1 Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) album parameters. | 7.5 |
2004-12-31 | CVE-2004-1813 | Vocaltec | Remote Authentication Bypass vulnerability in Vocaltec Vgw4 8 Telephony Gateway 8.0 VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass authentication via an HTTP request to home.asp with a trailing slash (/). | 7.5 |
2004-12-31 | CVE-2004-1811 | HP | Unspecified vulnerability in HP SSL Http Server 5.0/5.92 The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates. | 7.5 |
2004-12-31 | CVE-2004-1806 | Dogpatch Software | SQL Injection vulnerability in Dogpatch Software Cfwebstore 5.0 SQL injection vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to execute SQL commands via the (1) category_id, (2) product_id, or (3) feature_id parameters. | 7.5 |
2004-12-31 | CVE-2004-1800 | Sysbotz | Authentication Bypass vulnerability in Sysbotz SimpleData Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier versions allows remote attackers to gain access via a crafted URL and a certain cookie. | 7.5 |
2004-12-31 | CVE-2004-1799 | Openbsd | Unspecified vulnerability in Openbsd PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces. | 7.5 |
2004-12-31 | CVE-2004-1796 | Hotnews | PHP File Include vulnerability in HotNews PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3. | 7.5 |
2004-12-31 | CVE-2004-1793 | Yatsoft | Remote Buffer Overflow vulnerability in YaSoft Switch Off Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm. | 7.5 |
2004-12-31 | CVE-2004-1791 | Edimax | Remote Security vulnerability in Edimax Full Rate Adsl Router Ar6004 The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access. | 7.5 |
2004-12-31 | CVE-2004-1787 | Postnuke Software Foundation | SQL Injection vulnerability in Postnuke Software Foundation Postcalendar 4.0.0 SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries. | 7.5 |
2004-12-31 | CVE-2004-1783 | Net2Soft | Remote Directory Traversal vulnerability in Net2Soft Flash FTP Server Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 allows remote attackers to read and create arbitrary files via a /.. | 7.5 |
2004-12-31 | CVE-2004-1782 | David Maciejak | Remote Command Execution vulnerability in Athena Web Registration athenareg.php in Athena Web Registration allows remote attackers to execute arbitrary commands via shell metacharacters in the pass parameter. | 7.5 |
2004-12-31 | CVE-2004-1773 | GNU | Buffer Overflow vulnerability in GNU Sharutils 4.2/4.2.1 Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar. | 7.5 |
2004-12-31 | CVE-2004-1765 | MOD Security | Buffer Overflow vulnerability in MOD Security MOD Security 1.7.4 Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests. | 7.5 |
2004-12-31 | CVE-2004-1762 | F Secure | Remote Security vulnerability in F-Secure Anti-Virus Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV. | 7.5 |
2004-12-31 | CVE-2004-1755 | BEA | Privilege Escalation vulnerability in BEA WebLogic Server and Express SSL Client The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple certificates to connect to the same URL, may use the incorrect identity after the first connection, which could allow users to gain privileges. | 7.5 |
2004-12-31 | CVE-2004-1734 | Mantis | Remote Server-Side Script Execution vulnerability in Mantis 0.19.0A PHP remote file inclusion vulnerability in Mantis 0.19.0a allows remote attackers to execute arbitrary PHP code by modifying the (1) t_core_path parameter to bug_api.php or (2) t_core_dir parameter to relationship_api.php to reference a URL on a remote web server that contains the code. | 7.5 |
2004-12-31 | CVE-2004-1725 | John Bradley | Buffer Overflow and Integer Handling vulnerability in John Bradley XV 3.10A Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a crafted image file. | 7.5 |
2004-12-31 | CVE-2004-1666 | Cerulean Studios | Remote Buffer Overflow vulnerability in Cerulean Studios Trillian 0.74I Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary code via a long string that ends in a newline character. | 7.5 |
2004-12-31 | CVE-2004-1592 | Ocportal | Remote File Include vulnerability in Ocportal 1.0.3 PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the req_path parameter to reference a URL on a remote web server that contains a malicious funcs.php script. | 7.5 |
2004-12-31 | CVE-2004-1591 | Micronet | Remote Security vulnerability in Micronet Sp916Bm 1.9 The web interface for Micronet Wireless Broadband Router SP916BM running firmware before 1.9 08/04/2004 resets the password to the default password when the router is shut off, which could allow remote attackers to gain access. | 7.5 |
2004-12-31 | CVE-2004-1588 | Gosmart | Input Validation vulnerability in Go Smart Inc GoSmart Message Board SQL injection vulnerability in GoSmart Message Board allows remote attackers to execute arbitrary SQL code via the (1) QuestionNumber and Category parameters to Forum.asp or (2) Username and Password parameter to Login_Exec.asp. | 7.5 |
2004-12-31 | CVE-2004-1580 | Devellion | SQL Injection vulnerability in Devellion Cubecart 2.0.1 SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | 7.5 |
2004-12-31 | CVE-2004-1574 | Vypress | Remote Buffer Overflow vulnerability in VyPRESS Messenger Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote attackers to execute arbitrary code via a message with a long first field. | 7.5 |
2004-12-31 | CVE-2004-1570 | Eaden Mckee | SQL Injection vulnerability in Eaden Mckee Bblog 0.7.2/0.7.3 SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p parameter. | 7.5 |
2004-12-31 | CVE-2004-1567 | Silent Storm | Input Validation vulnerability in Silent-Storm Portal profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an administrator. | 7.5 |
2004-12-31 | CVE-2004-1562 | W Agora | Remote Input Validation vulnerability in W-Agora 4.1.6A SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote attackers to execute arbitrary SQL commands via the key parameter. | 7.5 |
2004-12-31 | CVE-2004-1561 | Icecast | Buffer Overflow vulnerability in Icecast Server HTTP Header Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers. | 7.5 |
2004-12-31 | CVE-2004-1558 | Ypops | Remote Buffer Overflow vulnerability in YahooPOPS! Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) POP3 USER command or (2) SMTP request. | 7.5 |
2004-12-31 | CVE-2004-1555 | Broadboard Instant | SQL Injection vulnerability in BroadBoard Message Board Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp. | 7.5 |
2004-12-31 | CVE-2004-1554 | Alexphpteam | Remote PHP File Include vulnerability in Alexphpteam Alex Guestbook 3.12 PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2004-12-31 | CVE-2004-1553 | Fullrevolution | SQL Injection vulnerability in Fullrevolution Aspwebalbum 3.2 SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. | 7.5 |
2004-12-31 | CVE-2004-1552 | Full Revolution | SQL Injection vulnerability in Full Revolution Aspwebcalendar 4.5 SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp. | 7.5 |
2004-12-31 | CVE-2004-1550 | Motorola | Remote Authentication Bypass vulnerability in Motorola Wr850G 4.0.3Firmware Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on. | 7.5 |
2004-12-31 | CVE-2004-1541 | VAN Dyke Technologies | Remote Command Execution vulnerability in Van Dyke SecureCRT SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share. | 7.5 |
2004-12-31 | CVE-2004-1538 | Phpkit | Input Validation vulnerability in PHPkit 1.6.02/1.6.03/1.6.1 SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2004-12-31 | CVE-2004-1536 | Ipbproarcade | Remote SQL Injection vulnerability in IPBProArcade SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |
2004-12-31 | CVE-2004-1535 | Phpbb Group | Remote Security vulnerability in phpBB PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2004-12-31 | CVE-2004-1532 | Appserv Open Project | Remote Insecure Default Password vulnerability in AppServ Open Project AppServ 2.5.x and earlier installs a default username and password, which allows remote attackers to gain access. | 7.5 |
2004-12-31 | CVE-2004-1531 | Invision Power Services | SQL Injection vulnerability in Invision Power Board Index.PHP Post Action SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 through 2.0.2 allows remote attackers to execute arbitrary SQL commands via the qpid parameter. | 7.5 |
2004-12-31 | CVE-2004-1530 | ROB Sutton | Remote vulnerability in Event Calendar SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the (1) eid or (2) cid parameters. | 7.5 |
2004-12-31 | CVE-2004-1526 | NEW Media Generation | Remote Security vulnerability in NEW Media Generation Hired Team Trial 2.1/2.2 Hired Team: Trial 2.0 and earlier and 2.200 does not limit how game players can kick other players off the server, including the administrator. | 7.5 |
2004-12-31 | CVE-2004-1519 | Benjamin Curtis | SQL-Injection vulnerability in phpBugTracker SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows remote attackers to execute arbitrary SQL commands via (1) the bug_id parameter in a viewvotes operation or (2) the project parameter in an add operation. | 7.5 |
2004-12-31 | CVE-2004-1517 | Zonelabs | Unspecified vulnerability in Zonelabs Imsecure 1.0.0.0/1.0.1.0/1.0.2.0 Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions. | 7.5 |
2004-12-31 | CVE-2004-1515 | Jelsoft | SQL-Injection vulnerability in vBulletin SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php. | 7.5 |
2004-12-31 | CVE-2004-1510 | Webcalendar | Remote vulnerability in WebCalendar WebCalendar allows remote attackers to gain privileges by modifying critical parameters to (1) view_entry.php or (2) upcoming.php. | 7.5 |
2004-12-31 | CVE-2004-1508 | Webcalendar | Remote vulnerability in WebCalendar init.php in WebCalendar allows remote attackers to execute arbitrary local PHP scripts via the user_inc parameter. | 7.5 |
2004-12-31 | CVE-2004-1505 | Salims Softhouse | Directory Traversal vulnerability in Salims Softhouse JAF CMS 3.0 Directory traversal vulnerability in index.php in Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to read arbitrary files and possibly execute PHP code via a .. | 7.5 |
2004-12-31 | CVE-2004-1498 | Webhost Automation | Input Validation vulnerability in WebHost Automation Helm Control Panel SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter. | 7.5 |
2004-12-31 | CVE-2004-1485 | GNU Tftp | Remote Buffer Overflow vulnerability in InetUtils TFTP Client Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function. | 7.5 |
2004-12-31 | CVE-2004-1482 | BNC | Buffer Overflow vulnerability in BNC sbuf_getmsg() The sbuf_getmsg function in BNC incorrectly handles backspace characters, which could allow remote attackers to bypass authentication and gain access to arbitrary scripts. | 7.5 |
2004-12-31 | CVE-2004-1480 | HP | Access Restriction Bypass vulnerability in HP StorageWorks Command View XP Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier allows remote attackers to bypass access restrictions. | 7.5 |
2004-12-31 | CVE-2004-1478 | Hitachi Macromedia | Remote vulnerability in Macromedia JRun JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session. | 7.5 |
2004-12-31 | CVE-2004-1468 | Usermin Webmin | The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message. | 7.5 |
2004-12-31 | CVE-2004-1466 | Gallery Project | Remote Server-Side Script Execution vulnerability in Gallery Project Gallery 1.4.4 The set_time_limit function in Gallery before 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote attackers to upload and execute execute arbitrary scripts before they are deleted, if the temporary directory is under the web root. | 7.5 |
2004-12-31 | CVE-2004-1462 | Moinmoin | Privilege Escalation vulnerability in MoinMoin Unknown vulnerability in MoinMoin 1.2.2 and earlier allows remote attackers to gain unauthorized access to administrator functions such as (1) revert and (2) delete. | 7.5 |
2004-12-31 | CVE-2004-1461 | Cisco | Multiple vulnerability in Cisco products Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address. | 7.5 |
2004-12-31 | CVE-2004-1460 | Cisco | Multiple vulnerability in Cisco products Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password. | 7.5 |
2004-12-31 | CVE-2004-1456 | Cvstrac | Remote Command Execution vulnerability in CVSTrac filediff filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo. | 7.5 |
2004-12-31 | CVE-2004-1440 | Putty | Unspecified vulnerability in Putty Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, and (2) remote malicious servers to cause a denial of service (client crash) and possibly execute arbitrary code via a large bignum during authentication. | 7.5 |
2004-12-31 | CVE-2004-1439 | Sapporoworks | Buffer Overflow vulnerability in Sapporoworks Black Jumbodog 3.6.1 Buffer overflow in BlackJumboDog 3.x allows remote attackers to execute arbitrary code via long FTP commands such as (1) USER, (2) PASS, (3) RETR,(4) CWD, (5) XMKD, and (6) XRMD. | 7.5 |
2004-12-31 | CVE-2004-1437 | Pavuk | Remote Digest Authentication Buffer Overflow vulnerability in Pavuk 0.928R1/0.928R2/0.9Pl28I Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attackers to execute arbitrary code. | 7.5 |
2004-12-31 | CVE-2004-1436 | Cisco | Multiple vulnerability in Cisco ONS The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters. | 7.5 |
2004-12-31 | CVE-2004-1430 | Ipbproarcade | Remote SQL Injection vulnerability in Ipbproarcade 2.5 SQL injection vulnerability in the show_stats module in Arcade.php in IbProArcade allows remote attackers to execute arbitrary SQL code via the gameid parameter. | 7.5 |
2004-12-31 | CVE-2004-1429 | Argosoft | Remote Security vulnerability in FTP Server ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times that a bad password can be entered, which makes it easier for remote attackers to guess passwords via a brute force attack. | 7.5 |
2004-12-31 | CVE-2004-1427 | Korweblog | Remote File Include vulnerability in Korweblog 1.6.1/1.6.2Cvs PHP remote file inclusion vulnerability in main.inc in KorWeblog 1.6.2-cvs and earlier allows remote attackers to execute arbitrary PHP code by modifying the G_PATH parameter to reference a URL on a remote web server that contains the code, as demonstrated in index.php when using .. | 7.5 |
2004-12-31 | CVE-2004-1423 | PHP Calendar | Code Injection vulnerability in PHP-Calendar Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office (VLO) and other products, allow remote attackers to execute arbitrary PHP code via a URL in the phpc_root_path parameter to (1) includes/calendar.php or (2) includes/setup.php. | 7.5 |
2004-12-31 | CVE-2004-1421 | WHM | Remote vulnerability in WHM Autopilot 2.4.5/2.4.6/2.4.6.5 Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, (2) step_one_tables.php, (3) step_two_tables.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to execute arbitrary PHP code by modifying the server_inc parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2004-12-31 | CVE-2004-1408 | Singapore | Remote vulnerability in Singapore Image Gallery The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames, which allows remote attackers to upload and execute arbitrary files. | 7.5 |
2004-12-31 | CVE-2004-1406 | Ikonboard COM | Remote SQL Injection vulnerability in Ikonboard SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 allows remote attackers to inject arbitrary SQL commands via the (1) st or (2) keywords parameter. | 7.5 |
2004-12-31 | CVE-2004-1405 | Mediawiki | Remote Arbitrary Script Upload vulnerability in MediaWiki MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code. | 7.5 |
2004-12-31 | CVE-2004-1404 | Opentools | Remote vulnerability in Opentools Attachment Mod Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code. | 7.5 |
2004-12-31 | CVE-2004-1403 | SIR | Remote File Include vulnerability in SIR GNUBoard PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 and earlier allows remote attackers to execute arbitrary PHP code by modifying the doc parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2004-12-31 | CVE-2004-1401 | ASP Rider | Remote SQL Injection vulnerability in ASP-Rider SQL injection vulnerability in verify.asp in Asp-rider allows remote attackers to execute arbitrary SQL statements and bypass authentication via the username parameter. | 7.5 |
2004-12-31 | CVE-2004-1400 | Active Server Corner | Unspecified vulnerability in Active Server Corner ASP Calendar 1.0 The control panel in ASP Calendar does not require authentication to access, which allows remote attackers to gain unauthorized access via a direct request to main.asp. | 7.5 |
2004-12-31 | CVE-2004-1386 | Tiki | Improper Input Validation vulnerability in Tiki Tikiwiki Cms/Groupware 1.6.1 TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200. | 7.5 |
2004-12-31 | CVE-2004-1383 | Phpgroupware | Cross-Site Scripting and SQL Injection vulnerability in PHPGroupWare Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to execute arbitrary SQL statements via the (1) order, (2) project_id, (3) pro_main, or (4) hours_id parameters to index.php or (5) ticket_id to viewticket_details.php. | 7.5 |
2004-12-31 | CVE-2004-1332 | HP | Buffer Overflow vulnerability in HP HP-UX FTP Server Debug Logging Mode Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. | 7.5 |
2004-12-31 | CVE-2004-1327 | Crystal ART Software | Remote Client-Side Buffer Overflow vulnerability in Crystal Art Crystal FTP Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code via a response to a LIST command that contains a file name with a long extension. | 7.5 |
2004-12-31 | CVE-2004-1182 | Hylafax | Unspecified vulnerability in Hylafax hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password. | 7.5 |
2004-12-31 | CVE-2004-1173 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 6.0 Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object model (DOM) methods in the DHTML Dynamic HTML (DHTML) Editing Component (DEC) and Javascript that calls showModalDialog. | 7.5 |
2004-12-31 | CVE-2004-1166 | Microsoft | Code Injection vulnerability in Microsoft IE and Internet Explorer CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command. | 7.5 |
2004-12-31 | CVE-2004-1155 | Microsoft | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | 7.5 |
2004-12-31 | CVE-2004-1143 | GNU | Unspecified vulnerability in GNU Mailman The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. | 7.5 |
2004-12-31 | CVE-2004-1104 | Microsoft | Unspecified vulnerability in Microsoft IE 6.0 Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page that contains a BASE element that points to the legitimate site, followed by an anchor (a) element with an empty "href" attribute, and a FORM whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL. | 7.5 |
2004-12-31 | CVE-2004-0951 | HP | Unspecified vulnerability in HP Ignite-Ux C.6.2.241 The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information. | 7.5 |
2004-12-31 | CVE-2004-0826 | Mozilla Netscape SUN HP | Remote Heap Overflow vulnerability in Mozilla Network Security Services Library Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. | 7.5 |
2004-12-31 | CVE-2004-0817 | Enlightenment Imagemagick SUN Conectiva Mandrakesoft Redhat Suse Turbolinux Ubuntu | BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2 Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. | 7.5 |
2004-12-31 | CVE-2004-0567 | Microsoft | Remote Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows NT The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." | 7.5 |
2004-12-31 | CVE-2004-0561 | University OF Minnesota | Denial-Of-Service vulnerability in University of Minnesota Gopherd 3.0.3 Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code. | 7.5 |
2004-12-31 | CVE-2004-0560 | University OF Minnesota | Denial Of Service vulnerability in University of Minnesota Gopherd 3.0.3 Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted content of a certain size that triggers the overflow. | 7.5 |
2004-12-31 | CVE-2004-0555 | GNU | Unspecified vulnerability in GNU Queue Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code. | 7.5 |
2004-12-31 | CVE-2004-0390 | SCO | Unspecified vulnerability in SCO Openserver 5.0.5/5.0.6/5.0.7 SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods. | 7.5 |
2004-12-31 | CVE-2004-0369 | Entrust Symantec | Remote IPsec/ISAKMP Buffer Overflow vulnerability in Entrust LibKMP ISAKMP Library Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. | 7.5 |
2004-12-31 | CVE-2004-0323 | XMB Forum | Unspecified vulnerability in XMB Forum XMB 1.8/1.8Sp1/1.8Sp2 Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) ascdesc parameter in forumdisplay.php, or (5) the addon parameter in stats.php. | 7.5 |
2004-12-27 | CVE-2004-1317 | Netcat | Remote Security vulnerability in Netcat Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command. | 7.5 |
2004-12-31 | CVE-2004-2693 | HP | Permissions, Privileges, and Access Controls vulnerability in HP Hp-Ux 11.00/11.04/11.11 HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/. | 7.2 |
2004-12-31 | CVE-2004-2686 | SUN | Path Traversal vulnerability in SUN Solaris and Sunos Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. | 7.2 |
2004-12-31 | CVE-2004-2676 | Webroot Software | Local Security vulnerability in Webroot Software SPY Sweeper Enterprise 1.5.1Build3698 The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges. | 7.2 |
2004-12-31 | CVE-2004-2554 | Novell | Local Privilege Escalation vulnerability in Novell Client Firewall 2.0 Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges. | 7.2 |
2004-12-31 | CVE-2004-2515 | Vmware | Local Format String vulnerability in VMWare Workstation 4.5.2Build8848 Format string vulnerability in VMware Workstation 4.5.2 build-8848, if running with elevated privileges, might allow local users to execute arbitrary code via format string specifiers in command line arguments. | 7.2 |
2004-12-31 | CVE-2004-2504 | ALT N | Local Privilege Escalation vulnerability in Alt-N MDaemon The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with physical access to gain privileges. | 7.2 |
2004-12-31 | CVE-2004-2430 | Trend Micro | Local Privilege Escalation vulnerability in Trend Micro OfficeScan Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges. | 7.2 |
2004-12-31 | CVE-2004-2409 | Samhain Labs | Local Heap Overflow vulnerability in Samhain Labs Samhain Database Update Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 through 2.0.1, when running in update mode ("-t update"), might allow attackers to execute arbitrary code. | 7.2 |
2004-12-31 | CVE-2004-2396 | Mandrakesoft | passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM. | 7.2 |
2004-12-31 | CVE-2004-2372 | Bochs Project | Local Security vulnerability in Bochs Buffer overflow in Bochs before 2.1.1, if installed setuid, allows local users to execute arbitrary code via a long HOME environment variable, which is used if the .bochsrc, bochsrc, and bochsrc.txt cannot be found in a known path. | 7.2 |
2004-12-31 | CVE-2004-2335 | Macromedia | Local Privilege Escalation vulnerability in Macromedia Contribute and Studio The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program. | 7.2 |
2004-12-31 | CVE-2004-2329 | Kerio | Local Privilege Escalation vulnerability in Kerio Personal Firewall 2.1.5 Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box. | 7.2 |
2004-12-31 | CVE-2004-2312 | IBM | Local Buffer Overflow vulnerability in IBM AIX 4.3.3 Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. | 7.2 |
2004-12-31 | CVE-2004-2300 | UCD Snmp | Local Buffer Overflow vulnerability in UCD-SNMPD Command Line Parsing Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. | 7.2 |
2004-12-31 | CVE-2004-2270 | IBM | Unspecified vulnerability in IBM Parallel Environment 3.2/4.1 Unknown vulnerability in IBM Parallel Environment (PE) 3.2 and 4.1 allows attackers to execute arbitrary commands as root via unknown vectors in the sample code. | 7.2 |
2004-12-31 | CVE-2004-2269 | Matt Shelton | Local Security vulnerability in Passive Asset Detection System Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. | 7.2 |
2004-12-31 | CVE-2004-2265 | Uudeview | Unspecified vulnerability in Uudeview 0.5.18/0.5.19 UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact. | 7.2 |
2004-12-31 | CVE-2004-2228 | Mozilla | Mozilla Firefox before 1.0 is installed with world-writable permissions on Mac OS X, which allows local users to gain privileges. | 7.2 |
2004-12-31 | CVE-2004-2205 | Symantec Veritas | Unspecified vulnerability in Symantec Veritas Cluster Server Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors. | 7.2 |
2004-12-31 | CVE-2004-2204 | Macromedia | Unspecified vulnerability in Macromedia Coldfusion 6.0/6.1 Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT. | 7.2 |
2004-12-31 | CVE-2004-2197 | Kdocker | Unspecified vulnerability in KDocker kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ownership of files, which could allow local users to execute arbitrary programs. | 7.2 |
2004-12-31 | CVE-2004-2148 | Slava Astashonok | Local vulnerability in Slava Astashonok Fprobe Unknown local vulnerability in the "change user" feature of Slava Astashonok Fprobe 1.0.5 and earlier has unknown impact and attack vectors. | 7.2 |
2004-12-31 | CVE-2004-2070 | Altiris | The Altiris Client Service for Windows 5.6 SP1 Hotfix E (5.6.181) allows local users to execute arbitrary commands by opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2005-1590. | 7.2 |
2004-12-31 | CVE-2004-2012 | Niels Vladimir Kotal Netbsd | Privilege Escalation vulnerability in NetBSD/FreeBSD Port Systrace Exit Routine Access Validation The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges. | 7.2 |
2004-12-31 | CVE-2004-1767 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris and Sunos The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function. | 7.2 |
2004-12-31 | CVE-2004-1573 | AJ Fork Cutephp | The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator. | 7.2 |
2004-12-31 | CVE-2004-1469 | Peter D Gray | Unspecified vulnerability in Peter D. Gray SUS 2.0/2.0.1 Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog. | 7.2 |
2004-12-31 | CVE-2004-1452 | Gentoo | Unspecified vulnerability in Gentoo Linux Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts. | 7.2 |
2004-12-31 | CVE-2004-1330 | IBM | Local Buffer Overflow vulnerability in IBM AIX PAGINIT Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. | 7.2 |
2004-12-31 | CVE-2004-1328 | HP | Newgrp Local Privilege Escalation vulnerability in HP Hp-Ux 11.00/11.11/11.4 Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. | 7.2 |
2004-12-31 | CVE-2004-1189 | MIT | Out-Of-Bounds Write vulnerability in MIT Kerberos 5 The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow. | 7.2 |
2004-12-31 | CVE-2004-1144 | Linux | Unspecified vulnerability in Linux Kernel 2.4.0 Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges. | 7.2 |
2004-12-31 | CVE-2004-0984 | GNU | Local Security vulnerability in GNU Mailutils 0.5/0.6 Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges. | 7.2 |
2004-12-31 | CVE-2004-0821 | Apple | Unspecified vulnerability in Apple mac OS X and mac OS X Server The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges. | 7.2 |
2004-12-31 | CVE-2004-0806 | Cdrtools | Unspecified vulnerability in Cdrtools Cdrecord 1.11/2.0 cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges. | 7.2 |
2004-12-31 | CVE-2004-0780 | SUN | Local Buffer Overflow vulnerability in Sun Solaris UUSTAT Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument. | 7.2 |
2004-12-31 | CVE-2004-2724 | Lionmax Software | Improper Authentication vulnerability in Lionmax Software Chat Anywhere 2.72A LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character. | 7.1 |
2004-12-31 | CVE-2004-2691 | 3Com | Denial-Of-Service vulnerability in 3Com 3C17205-Us, 3C17210-Us and Superstack 3 Switch Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service (device reset) via a crafted request to the web management interface. | 7.1 |
2004-12-31 | CVE-2004-1471 | CVS Openpkg SGI Freebsd Gentoo Openbsd | Multiple vulnerability in CVS Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. | 7.1 |
595 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-12-31 | CVE-2004-2698 | Imwheel | Race Condition vulnerability in Imwheel Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink attack on the imwheel.pid file. | 6.9 |
2004-12-31 | CVE-2004-2697 | IBM | Race Condition vulnerability in IBM AIX 4.3.3/5.1/5.1L The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). | 6.9 |
2004-12-31 | CVE-2004-2541 | Cscope | Buffer Errors vulnerability in Cscope 15.5 Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target. | 6.9 |
2004-12-31 | CVE-2004-2760 | Openbsd | Configuration vulnerability in Openbsd Openssh 3.5/3.5P1 sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt with an incorrect password, which makes it easier for remote attackers to guess the password by observing the connection state, a different vulnerability than CVE-2003-0190. | 6.8 |
2004-12-31 | CVE-2004-2751 | Postnuke Software Foundation | SQL Injection vulnerability in Postnuke Software Foundation Postnuke 0.722/0.723/0.726 SQL injection vulnerability in the members_list module in PostNuke 0.726, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the sortby parameter. | 6.8 |
2004-12-31 | CVE-2004-2719 | Foxmail | Buffer Errors vulnerability in Foxmail 5.0.300 Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5.0.300 allows remote attackers to execute arbitrary code via a mail message with a long From field, a different issue than CVE-2005-0339. | 6.8 |
2004-12-31 | CVE-2004-2675 | Argosoft | Multiple vulnerability in ArGoSoft FTP Server ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corrupted. | 6.8 |
2004-12-31 | CVE-2004-2674 | Argosoft | Multiple vulnerability in ArGoSoft FTP Server Directory traversal vulnerability in ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to determine the existence of arbitrary files via ".." sequences in the SITE UNZIP argument. | 6.8 |
2004-12-31 | CVE-2004-2670 | Endonesia | Cross-Site Scripting vulnerability in Endonesia 8.3 Multiple cross-site scripting (XSS) vulnerabilities in mod.php in eNdonesia 8.3 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter in a viewcat operation or (2) the query parameter in a search operation in the publisher module. | 6.8 |
2004-12-31 | CVE-2004-2667 | IBM | Cross-Site Scripting vulnerability in Lotus Domino Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 6.8 |
2004-12-31 | CVE-2004-2602 | Ubertec | Remote vulnerability in Help Center Live PHP remote file inclusion vulnerability in UberTec Help Center Live (HCL) before 1.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the HCL_path parameter to pipe.php. | 6.8 |
2004-12-31 | CVE-2004-2354 | Francisco Burzi Warpspeed | Cross-Site Scripting vulnerability in 4Nguestbook SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered. | 6.8 |
2004-12-31 | CVE-2004-2185 | Mediawiki | Remote Input Validation vulnerability in Mediawiki 1.3.5 Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage. | 6.8 |
2004-12-31 | CVE-2004-2128 | BRS | Cross-Site Scripting vulnerability in BRS WebWeaver Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll. | 6.8 |
2004-12-31 | CVE-2004-2115 | Oracle | Cross-Site Scripting vulnerability in Oracle Http Server 8.1.7/9.0.1/9.2.0 Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request. | 6.8 |
2004-12-31 | CVE-2004-2109 | Quadcomm | Cross-Site Scripting vulnerability in QuadComm Q-Shop Multiple cross-site scripting (XSS) vulnerabilities in (1) imagezoom.asp or (2) recommend.asp in Q-Shop allow remote attackers to execute arbitrary script and steal the user session ID via Javascript in a URL. | 6.8 |
2004-12-31 | CVE-2004-2072 | Mambo | Cross-Site Scripting vulnerability in Mambo Open Source 4.6 Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote attackers to execute script on other clients via the Itemid parameter. | 6.8 |
2004-12-31 | CVE-2004-1419 | Zeroboard | Code Injection vulnerability in Zeroboard 4.1Pl2/4.1Pl3/4.1Pl4 PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web server that contains the code. | 6.8 |
2004-12-31 | CVE-2004-2538 | Nilesh Dosooye | Unspecified vulnerability in Nilesh Dosooye PHPcodegenie Direct static code injection vulnerability in the PCG simple application generation in phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via the (1) header or (2) footer. | 6.5 |
2004-12-31 | CVE-2004-2523 | Openftpd | Remote Message Format String vulnerability in Openftpd FTP Server 0.29.4/0.30/0.30.1 Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument. | 6.5 |
2004-12-31 | CVE-2004-2345 | Oracle | Security vulnerability in Oracle9i Database Server Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information. | 6.5 |
2004-12-31 | CVE-2004-1995 | Fusetalk | Cross-Site Request Forgery (CSRF) vulnerability in Fusetalk 2.0 Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm. | 6.5 |
2004-12-31 | CVE-2004-2743 | Raditha Dissanayake | Permissions, Privileges, and Access Controls vulnerability in Raditha Dissanayake Mega Upload Progress BAR upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files. | 6.4 |
2004-12-31 | CVE-2004-2642 | Nathaniel Bray | Unspecified vulnerability in Nathaniel Bray Yeemp Yeemp 0.9.9 and earlier does not properly encrypt inbound files, which allows remote attackers to spoof the identity of the sender. | 6.4 |
2004-12-31 | CVE-2004-2637 | Zonet | Unspecified vulnerability in Zonet Zsr1104We Wireless Router Runtime Code 2.41 The NAT implementation in Zonet ZSR1104WE Wireless Router Runtime Code Version 2.41 converts IP addresses of inbound connections to the IP address of the router, which allows remote attackers to bypass intended security restrictions. | 6.4 |
2004-12-31 | CVE-2004-2601 | Ubertec | Remote Security vulnerability in Ubertec Help Center Live 1.2.6 PHP remote file inclusion vulnerability in UberTec Help Center Live (HCL) allows remote attackers to read local files and possibly execute PHP code via a URL in the SKIN_inner parameter to inc/skin.php. | 6.4 |
2004-12-31 | CVE-2004-2546 | Samba Trustix | Denial-Of-Service vulnerability in Samba Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). | 6.4 |
2004-12-31 | CVE-2004-2483 | Kerio | Remote vulnerability in Kerio WinRoute Firewall Kerio WinRoute Firewall before 6.0.9 uses information from PTR queries in response to A queries, which allows remote attackers to poison the DNS cache or cause a denial of service (connection loss). | 6.4 |
2004-12-31 | CVE-2004-2405 | F Secure | Denial-Of-Service vulnerability in F-Secure Anti-Virus Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive. | 6.4 |
2004-12-31 | CVE-2004-2369 | IBM | Directory Traversal vulnerability in IBM Lotus Domino 6.5.1 Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. | 6.4 |
2004-12-31 | CVE-2004-2357 | Proofpoint | Remote Security vulnerability in Proofpoint Protection Server The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database. | 6.4 |
2004-12-31 | CVE-2004-2298 | Novell | Denial-Of-Service vulnerability in Internet Messaging System Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator. | 6.4 |
2004-12-31 | CVE-2004-2274 | W3C | Remote URI Parsing vulnerability in W3C Jigsaw Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI. | 6.4 |
2004-12-31 | CVE-2004-2255 | Phpmyfaq | Unspecified vulnerability in PHPmyfaq 1.3.12 Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename. | 6.4 |
2004-12-31 | CVE-2004-2198 | Duware | Remote vulnerability in DUware Software account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page. | 6.4 |
2004-12-31 | CVE-2004-2184 | Digicraft Software | Directory Traversal vulnerability in Yak! Chat Client FTP Server Directory traversal vulnerability in Digicraft Yak! server 2.0 through 2.1.2 allows remote attackers to read or write arbitrary files via "../" or "..\" sequences in commands such as (1) dir or (2) put. | 6.4 |
2004-12-31 | CVE-2004-2160 | Xmlstarlet | Denial-Of-Service vulnerability in Xmlstarlet Command Line XML Toolkit 0.9.3 Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code. | 6.4 |
2004-12-31 | CVE-2004-1583 | Tridcomm | Directory Traversal vulnerability in TriDComm Built-in FTP Server Directory traversal vulnerability in the FTP server in TriDComm 1.3 and earlier allows remote attackers to read or write arbitrary files via a .. | 6.4 |
2004-12-31 | CVE-2004-1557 | Mywebserver | Remote vulnerability in Mywebserver 1.0.3 MyWebServer 1.0.3 allows remote attackers to bypass authentication, modify configuration, and read arbitrary files via a direct HTTP request to (1) /admin or (2) ServerProperties.html. | 6.4 |
2004-12-31 | CVE-2004-0952 | HP | Unspecified vulnerability in HP Hp-Ux HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption. | 6.4 |
2004-12-31 | CVE-2004-2634 | IBM | Console Commands Symbolic Link vulnerability in Multiple IBM AIX The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors. | 6.2 |
2004-12-31 | CVE-2004-2714 | Windowmaker | USE of Externally-Controlled Format String vulnerability in Windowmaker Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vulnerability. | 6.0 |
2004-12-31 | CVE-2004-2553 | THE Ignition Project | Privilege Escalation vulnerability in the Ignition Project Ignitionserver 0.1.2/0.1.2R1/0.1.2R2 The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges by using the unofficial umode command with the +ORD argument. | 6.0 |
2004-12-31 | CVE-2004-1389 | Veritas | Privilege Escalation vulnerability in Veritas NetBackup Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature. | 6.0 |
2004-12-31 | CVE-2004-1464 | Cisco | Unspecified vulnerability in Cisco IOS Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | 5.9 |
2004-12-31 | CVE-2004-2733 | Webwiz | Permissions, Privileges, and Access Controls vulnerability in Webwiz web WIZ Forums 7.7 Web Wiz Forums 7.7a uses invalid logic to determine user privileges, which allows remote attackers to (1) block arbitrary IP addresses via pop_up_ip_blocking.asp or (2) modify topics via pop_up_topic_admin.asp. | 5.8 |
2004-12-31 | CVE-2004-2694 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Outlook Express 6.0 Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top". | 5.8 |
2004-12-31 | CVE-2004-2682 | Peersec Networks | Cross-Site Scripting vulnerability in MatrixSSL PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which allows context-dependent attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal), a related issue to CVE-2003-0147. | 5.8 |
2004-12-31 | CVE-2004-2649 | Eudora | Improper Input Validation vulnerability in Eudora 6.1.0.6 Eudora 6.1.0.6 allows remote attackers to obfuscate URLs displayed in the status bar by inserting a large number of characters (e.g. | 5.8 |
2004-12-31 | CVE-2004-2580 | Novell | Remote vulnerability in Novell Ichain 2.3 Cross-site scripting (XSS) vulnerability in Novell iChain 2.3 allows remote attackers to obtain login credentials via unspecified vectors. | 5.8 |
2004-12-31 | CVE-2004-2563 | Serena Software | Remote Authentication Bypass vulnerability in Serena Software Serena Teamtrack 6.1.1 Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive information such as user names, versions, and database information, and conduct cross-site scripting (XSS) attacks, via a direct request to tmtrack.dll with modified LoginPage and Template parameters. | 5.8 |
2004-12-31 | CVE-2004-2320 | BEA | Information Exposure vulnerability in BEA Weblogic Server The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting. | 5.8 |
2004-12-31 | CVE-2004-2753 | HP | Local Insecure File Access vulnerability in HP SharedX Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner." | 5.6 |
2004-12-31 | CVE-2004-2696 | BEA | Credentials Management vulnerability in BEA Weblogic Server BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different users coming from the same client, which could cause an "unexpected user identity" to be used in an RMI call. | 5.5 |
2004-12-31 | CVE-2004-2331 | Macromedia | Unsafe Reflection vulnerability in Macromedia Coldfusion 6.1 ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag. | 5.5 |
2004-12-31 | CVE-2004-1901 | Gentoo | Link Following vulnerability in Gentoo Linux and Portage Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. | 5.5 |
2004-12-31 | CVE-2004-2655 | Xscreensaver | Local Password Disclosure vulnerability in Xscreensaver 4.14/4.16/4.17 rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen. | 5.4 |
2004-12-31 | CVE-2004-2527 | Microsoft | The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"U" key combination, which causes multiple copies of Windows Utility Manager to be loaded more quickly than they can be closed when the copies detect that another instance is running. | 5.4 |
2004-12-31 | CVE-2004-2678 | HP | IPsec/IKE Remote Privilege Escalation vulnerability in HP Tru64 5.1A/5.1Bp3Kbl24/5.1Bpk2Bl22 Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors. | 5.1 |
2004-12-31 | CVE-2004-2633 | Arjohn Kampman | Unspecified vulnerability in Arjohn Kampman Sesame RDF Container Unspecified vulnerability in Sesamie 1.0 allows remote anonymous attackers to gain access to repositories of other users via unknown vectors. | 5.1 |
2004-12-31 | CVE-2004-2625 | Outblaze | HTML Injection vulnerability in Outblaze Webmail Cross-site scripting (XSS) vulnerability in Outblaze Email allows remote attackers to inject arbitrary web script or HTML via Javascript in an attribute of an IMG tag. | 5.1 |
2004-12-31 | CVE-2004-2383 | Microsoft | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to bypass cross-frame scripting restrictions and capture keyboard events from other domains via an HTML document with Javascript that is outside a frameset that includes the target domain, then forcing the frameset to maintain focus. | 5.1 |
2004-12-31 | CVE-2004-2099 | Electronic Arts | Remote Buffer Overflow vulnerability in EA Black Box Need For Speed Hot Pursuit 2 Game Client Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands. | 5.1 |
2004-12-31 | CVE-2004-1798 | Realnetworks | Unspecified vulnerability in Realnetworks products RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726. | 5.1 |
2004-12-31 | CVE-2004-1481 | Realnetworks | Unspecified vulnerability in Realnetworks Helix Player, Realone Player and Realplayer Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow. | 5.1 |
2004-12-31 | CVE-2004-1476 | Xine Suse | Stack Overflow vulnerability in Xine-lib VideoCD And Text Subtitle Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label. | 5.1 |
2004-12-31 | CVE-2004-1475 | Xine | Stack Overflow vulnerability in Xine-lib VideoCD And Text Subtitle Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines. | 5.1 |
2004-12-31 | CVE-2004-1455 | Xine | Remote Buffer Overflow vulnerability in Xine-Lib Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers to execute arbitrary code via crafted playlists that result in a long vcd:// URL. | 5.1 |
2004-12-31 | CVE-2004-1416 | pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. | 5.1 | |
2004-12-31 | CVE-2004-1306 | Microsoft | Heap Overflow vulnerability in Microsoft Windows winhlp32 Phrase Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file. | 5.1 |
2004-12-31 | CVE-2004-1150 | Nullsoft | Remote Buffer Overflow vulnerability in Nullsoft Winamp Variant Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file. | 5.1 |
2004-12-31 | CVE-2004-1049 | Microsoft | Integer Overflow vulnerability in Microsoft Windows LoadImage API Function Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." | 5.1 |
2004-12-31 | CVE-2004-0909 | Mozilla | Unspecified vulnerability in Mozilla and Thunderbird Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then modify the meaning of certain security-relevant dialog messages. | 5.1 |
2004-12-31 | CVE-2004-0802 | Enlightenment Imagemagick SUN Conectiva Mandrakesoft Redhat Suse Turbolinux Ubuntu | BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2 Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. | 5.1 |
2004-12-31 | CVE-2004-2750 | Jbrowser | Path Traversal vulnerability in Jbrowser 1.0/2.0/2.1 Directory traversal vulnerability in browser.php in JBrowser 1.0 through 2.1 allows remote attackers to read arbitrary files via the directory parameter. | 5.0 |
2004-12-31 | CVE-2004-2744 | Phplist | Remote Security vulnerability in Mailing List Manager Unspecified vulnerability in Tincan Limited PHPlist before 2.8.12 has unknown impact and attack vectors, related to a "security update release." | 5.0 |
2004-12-31 | CVE-2004-2736 | Polar Software | Improper Authentication vulnerability in Polar Software Helpdesk 3.0 Polar HelpDesk 3.0 allows remote attackers to bypass authentication by setting the UserId and UserType values in a cookie. | 5.0 |
2004-12-31 | CVE-2004-2726 | Mailenable | Denial-Of-Service vulnerability in Mailenable 1.18 HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). | 5.0 |
2004-12-31 | CVE-2004-2712 | Phrozensmoke | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Phrozensmoke Gyach Enhanced Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data." | 5.0 |
2004-12-31 | CVE-2004-2708 | Phrozensmoke | Credentials Management vulnerability in Phrozensmoke Gyach Enhanced Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file. | 5.0 |
2004-12-31 | CVE-2004-2706 | Phrozensmoke | Improper Input Validation vulnerability in Phrozensmoke Gyach Enhanced Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages. | 5.0 |
2004-12-31 | CVE-2004-2671 | Endonesia | Path Disclosure vulnerability in Endonesia 8.3 mod.php in eNdonesia 8.3 allows remote attackers to obtain sensitive information via certain direct requests, and certain requests with invalid parameter values, which reveal the path in various error messages, as demonstrated by the (1) mod and (2) cid parameters. | 5.0 |
2004-12-31 | CVE-2004-2666 | Mantis | Information Disclosure vulnerability in Mantis Mantis before 20041016 provides a complete Issue History (Bug History) in the web interface regardless of view_history_threshold, which allows remote attackers to obtain sensitive information (private bug details) by visiting a bug's web page. | 5.0 |
2004-12-31 | CVE-2004-2664 | John LIM | Information Disclosure vulnerability in Adodb John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODB_DIR, which reveals the installation path in an error message. | 5.0 |
2004-12-31 | CVE-2004-2662 | Soft3304 | Denial-Of-Service vulnerability in Soft3304 04Webserver 1.41 Soft3304 04WebServer before 1.41 allows remote attackers to cause a denial of service (resource consumption or crash) via certain data related to OpenSSL, which causes a thread to terminate but continue to hold resources. | 5.0 |
2004-12-31 | CVE-2004-2661 | Soft3304 | Information Disclosure vulnerability in Soft3304 04Webserver 1.40 Soft3304 04WebServer before 1.41 does not properly check file names, which allows remote attackers to obtain sensitive information (CGI source code). | 5.0 |
2004-12-31 | CVE-2004-2654 | Squid | Denial-Of-Service vulnerability in Squid 2.5Stable5 The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference. | 5.0 |
2004-12-31 | CVE-2004-2647 | Reid Garner | Denial Of Service vulnerability in Multiple Free Web Chat Free Web Chat 2.0 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections from the same user. | 5.0 |
2004-12-31 | CVE-2004-2646 | Reid Garner | Denial Of Service vulnerability in Multiple Free Web Chat The addUser function in UserManager.java in Free Web Chat 2.0 allows remote attackers to cause a denial of service (uncaught NullPointerException) via unknown attack vectors that cause the usrName variable to be null. | 5.0 |
2004-12-31 | CVE-2004-2641 | SUN | Remote TOS IP Packet Denial Of Service vulnerability in Sun Fire/Netra Unspecified vulnerability in Sun Fire 3800/4800/4810/6800, Sun Fire V1280, and Netra 1280 allows remote attackers to cause a denial of service (system controller hang) via IP Packets With Type of Service (TOS) Bits set. | 5.0 |
2004-12-31 | CVE-2004-2640 | Ryszard Pydo | Remote Directory Traversal vulnerability in LinuxStat Directory traversal vulnerability in lstat.cgi in LinuxStat before 2.3.1 allows remote attackers to read arbitrary files via (1) .. | 5.0 |
2004-12-31 | CVE-2004-2636 | RIT Research Labs | TinyWeb 1.9 allows remote attackers to read source code of scripts via "/./" in the URL. | 5.0 |
2004-12-31 | CVE-2004-2628 | Acme Labs | Directory Traversal vulnerability in Acme Labs Thttpd 2.0.7Beta0.4 Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote attackers to read arbitrary files via a URL that contains (1) a hex-encoded backslash dot-dot sequence ("%5C..") or (2) a drive letter (such as "C:"). | 5.0 |
2004-12-31 | CVE-2004-2620 | Paul L Daniels | Remote Security vulnerability in Paul L Daniels Ripmime 1.3.1.0 The MIMEH_read_headers function in ripMIME 1.3.1.0 does not properly handle trailing "\r" and "\n" characters in headers, which leads to a buffer underflow. | 5.0 |
2004-12-31 | CVE-2004-2617 | Pegasi WEB Server | Input Validation vulnerability in Pegasi web Server Pegasi web Server 0.2.2 Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to read files outside of the web root via a .. | 5.0 |
2004-12-31 | CVE-2004-2608 | Smartwebby | Permissions, Privileges, and Access Controls vulnerability in Smartwebby Smart Guest Book 2 SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the "news database") under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the unencrypted username and password of the administrator's account. | 5.0 |
2004-12-31 | CVE-2004-2600 | Intel HP | The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled. | 5.0 |
2004-12-31 | CVE-2004-2598 | ID Software | Remote vulnerability in ID Software Quake II Server Quake II server before R1Q2, as used in multiple products, allows remote attackers to corrupt the server's client state data structure by exiting a session without a valid disconnect command, then reconnecting, which prevents a mod from being notified of changes in the client state. | 5.0 |
2004-12-31 | CVE-2004-2597 | ID Software | Remote vulnerability in ID Software Quake II Server 3.20/3.21 Quake II server before R1Q2, as used in multiple products, allows remote attackers to bypass IP-based access control rules via a userinfo string that already contains an "ip" key/value pair but is also long enough to cause a new key/value pair to be truncated, which interferes with the server's ability to find the client's IP address. | 5.0 |
2004-12-31 | CVE-2004-2596 | ID Software | Improper Input Validation vulnerability in ID Software Quake II Server 3.20/3.21 Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address. | 5.0 |
2004-12-31 | CVE-2004-2595 | ID Software | Remote vulnerability in ID Software Quake II Server Absolute path traversal vulnerability in Quake II server before R1Q2 on Linux, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a download command with a full pathname for a directory in the argument, which causes the server to crash when it cannot read data. | 5.0 |
2004-12-31 | CVE-2004-2594 | ID Software | Remote vulnerability in ID Software Quake II Server Absolute path traversal vulnerability in Quake II server before R1Q2 on Windows, as used in multiple products, allows remote attackers to read arbitrary files via a "\/" in a pathname argument, as demonstrated by "download \/server.cfg". | 5.0 |
2004-12-31 | CVE-2004-2592 | ID Software | Improper Input Validation vulnerability in ID Software Quake II Server 3.20/3.21 Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines. | 5.0 |
2004-12-31 | CVE-2004-2589 | ROB Flynn | Multiple vulnerability in Gaim Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory. | 5.0 |
2004-12-31 | CVE-2004-2588 | XMB Software | Unspecified vulnerability in XMB Software XMB Forum 1.9Nexusbeta Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote attackers to obtain sensitive information such as the configuration of the web server and the PHP application. | 5.0 |
2004-12-31 | CVE-2004-2587 | Smartertools | Denial-Of-Service vulnerability in Smartertools Smartermail 1.6.1511/1.6.1529 login.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service via a long txtusername parameter, possibly due to a buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-2586 | Smartertools | Directory Traversal vulnerability in Smartertools Smartermail 1.6.1511/1.6.1529 Directory traversal vulnerability in frmGetAttachment.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to read arbitrary files via the filename parameter. | 5.0 |
2004-12-31 | CVE-2004-2582 | Novell | Remote vulnerability in Novell Ichain 2.3 Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information. | 5.0 |
2004-12-31 | CVE-2004-2581 | Novell | Remote vulnerability in Novell Ichain 2.3 Novell iChain 2.3 allows attackers to cause a denial of service via a URL with a "specific string." | 5.0 |
2004-12-31 | CVE-2004-2578 | Phpgroupware | Information Disclosure vulnerability in PHPGroupWare Plaintext Cookie Authentication Credentials phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) setup passwords in plaintext via cookies, which allows remote attackers to sniff passwords. | 5.0 |
2004-12-31 | CVE-2004-2577 | Phpgroupware | Unspecified vulnerability in PHPgroupware 0.9.16Rc1/0.9.16Rc2 The acl_check function in phpGroupWare 0.9.16RC2 always returns True, even when mkdir does not behave as expected, which could allow remote attackers to obtain sensitive information via WebDAV from users' home directories that lack .htaccess files, and possibly has other unknown impacts. | 5.0 |
2004-12-31 | CVE-2004-2576 | Phpgroupware | Information Disclosure vulnerability in PHPgroupware 0.9.16.000 class.vfs_dav.inc.php in phpGroupWare 0.9.16.000 does not create .htaccess files to enable authorization checks for access to users' home-directory files, which allows remote attackers to obtain sensitive information from these files. | 5.0 |
2004-12-31 | CVE-2004-2575 | Phpgroupware | Information Disclosure vulnerability in Phpgroupware phpGroupWare 0.9.14.005 and earlier allow remote attackers to obtain sensitive information via a direct request to (1) hook_admin.inc.php, (2) hook_home.inc.php, (3) class.holidaycalc.inc.php, and (4) setup.inc.php.sample, which reveals the path in an error message. | 5.0 |
2004-12-31 | CVE-2004-2572 | Amax Information Technologies | Remote Installation Path Disclosure vulnerability in Amax Information Technologies Magic Winmail Server 3.6 AMAX Magic Winmail Server 3.6 allows remote attackers to obtain sensitive information by entering (1) invalid characters such as "()" or (2) a large number of characters in the Lookup field on the netaddressbook.php web form, which reveals the path in an ldaplib.php error message when the ldap_search function fails, due to improper processing of the $keyword variable. | 5.0 |
2004-12-31 | CVE-2004-2570 | Opera | Injection vulnerability in Opera Browser Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client's local filesystem or display a false URL to the user. | 5.0 |
2004-12-31 | CVE-2004-2565 | Sambar | Multiple vulnerability in Sambar Server 6.1 Multiple directory traversal vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, when the administrative IP address restrictions have been modified from the default, allow remote authenticated users to read arbitrary files via (1) a "..\" (dot dot backslash) in the file parameter to showini.asp, or (2) an absolute path with drive letter in the log parameter to showlog.asp. | 5.0 |
2004-12-31 | CVE-2004-2557 | Netgear | Unspecified vulnerability in Netgear Wg602 1.7.14 NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a hardcoded account of username "superman" and password "21241036", which allows remote attackers to modify the configuration. | 5.0 |
2004-12-31 | CVE-2004-2556 | Netgear | Unspecified vulnerability in Netgear Wg602 1.04.0/1.5.67 NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration. | 5.0 |
2004-12-31 | CVE-2004-2549 | Nortel | Denial Of Service vulnerability in Nortel products Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 allow remote attackers to cause a denial of service (service crash) via a TCP request with a large string, followed by 8 newline characters, to (1) the Telnet service on TCP port 23 and (2) the HTTP service on TCP port 80, possibly due to a buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-2545 | Securecomputing | Denial-Of-Service vulnerability in Securecomputing Sidewinder G2 6.1.0.01 Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service (SMTP proxy failure) via unknown attack vendors involving an "extremely busy network." NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts after the failure. | 5.0 |
2004-12-31 | CVE-2004-2543 | Securecomputing | Denial-Of-Service vulnerability in Securecomputing Sidewinder G2 6.1.0.01 Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote attackers to cause a denial of service (proxy failure) via invalid traffic to the (1) T.120 or (2) RTSP proxy, or (3) invalid MIME messages to the mail filter. | 5.0 |
2004-12-31 | CVE-2004-2540 | SUN | Denial-Of-Service vulnerability in SUN JDK and JRE readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data. | 5.0 |
2004-12-31 | CVE-2004-2535 | Matthew Phillips | Unspecified vulnerability in Matthew Phillips Sticker 3.0.0 The person-to-person secure messaging feature in Sticker before 3.1.0 beta 2 allows remote attackers to post messages to unauthorized private groups by using the group's public encryption key. | 5.0 |
2004-12-31 | CVE-2004-2533 | Solarwinds | Improper Input Validation vulnerability in Solarwinds Serv-U File Server 4.1.0.0 Serv-U FTP Server 4.1 (possibly 4.0) allows remote attackers to cause a denial of service (application crash) via a SITE CHMOD command with a "\\...\" followed by a short string, causing partial memory corruption, a different vulnerability than CVE-2004-2111. | 5.0 |
2004-12-31 | CVE-2004-2529 | Gadu Gadu | Remote vulnerability in Gadu-Gadu Gadu-Gadu allows remote attackers to bypass the "image send" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities. | 5.0 |
2004-12-31 | CVE-2004-2526 | IBM | Directory Traversal vulnerability in IBM Tivoli Directory Server LDACGI Directory traversal vulnerability in ldacgi.exe in IBM Tivoli Directory Server 4.1 and earlier allows remote attackers to view arbitrary files via a .. | 5.0 |
2004-12-31 | CVE-2004-2524 | WHM Autopilot | Information Disclosure vulnerability in WHM Autopilot WHM Autopilot 2.4.5 clogin.php in Benchmark Designs' WHM AutoPilot 2.4.5 and earlier allows remote attackers to obtain plaintext username and password credentials by using the clogin_e and base64_encode functions to encode the desired user ID in the c parameter, then read the plaintext values in the resulting form. | 5.0 |
2004-12-31 | CVE-2004-2517 | Myserver | Denial-Of-Service vulnerability in Myserver 0.7.1 myServer 0.7.1 allows remote attackers to cause a denial of service (crash) via a long HTTP POST request in a View=Logon operation to index.html. | 5.0 |
2004-12-31 | CVE-2004-2516 | Myserver | Directory Traversal vulnerability in MyServer Directory traversal vulnerability in myServer 0.7 allows remote attackers to list arbitrary directories via an HTTP GET command with a large number of "./" sequences followed by "../" sequences. | 5.0 |
2004-12-31 | CVE-2004-2507 | Linksys | Unspecified vulnerability in Linksys Wvc11B 2.10 Absolute path traversal vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to read arbitrary files via an absolute pathname in the next_file parameter. | 5.0 |
2004-12-31 | CVE-2004-2506 | Wikindx | Information Disclosure vulnerability in Wikindx Unparsed web content delivery vulnerability in WIKINDX before 0.9.9g allows remote attackers to obtain sensitive information via a direct HTTP request to the config.inc file. | 5.0 |
2004-12-31 | CVE-2004-2505 | Macromedia | Denial Of Service vulnerability in Macromedia ColdFusion MX Oversized Error Message Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data. | 5.0 |
2004-12-31 | CVE-2004-2503 | Inweb | Remote Denial Of Service vulnerability in Inweb Mail Server 2.40 INweb Mail Server 2.40 allows remote attackers to cause a denial of service (crash) via a large number of connect/disconnect actions to the (1) POP3 and (2) SMTP services. | 5.0 |
2004-12-31 | CVE-2004-2498 | Hitachi | Cross-Site Scripting and Information Disclosure vulnerability in Hitachi Web Page Generator Unspecified vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to determine internal directory structures via unknown attack vectors. | 5.0 |
2004-12-31 | CVE-2004-2485 | PHP Live | Remote Configuration File Include vulnerability in PHP Live! Unspecified vulnerability in PHP Live! before 2.8.2, due to a "major security problem," allows remote attackers to include arbitrary files and directories via unspecified attack vectors. | 5.0 |
2004-12-31 | CVE-2004-2482 | Microsoft | Unspecified vulnerability in Microsoft Outlook 2000/2003 Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word 2000 or 2003 as the e-mail editor and when forwarding e-mail, does not properly handle an opening OBJECT tag that does not have a closing OBJECT tag, which causes Outlook to automatically download the URI in the data property of the OBJECT tag and might allow remote attackers to execute arbitrary code. | 5.0 |
2004-12-31 | CVE-2004-2480 | National Science Foundation | Unspecified vulnerability in National Science Foundation Squid web Proxy Cache 2.3Stable5 Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via "@@" sequences in a URL within Internet Explorer. | 5.0 |
2004-12-31 | CVE-2004-2479 | National Science Foundation | Information Disclosure vulnerability in Squid Proxy Failed DNS Lookup Random Error Messages Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages. | 5.0 |
2004-12-31 | CVE-2004-2472 | Agnitum | Remote Denial of Service vulnerability in Agnitum Outpost Firewall 2.1 Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro. | 5.0 |
2004-12-31 | CVE-2004-2469 | Brickhost | Reservation Modification vulnerability in PHPScheduleIt Reservation.Class.PHP Unspecified vulnerability in Reservation.class.php for phpScheduleIt 1.01 and earlier allows attackers to modify or delete reservations. | 5.0 |
2004-12-31 | CVE-2004-2467 | EFS Software | Denial-Of-Service vulnerability in EFS Software Easy Chat Server 1.2 chat.ghp in Easy Chat Server 1.2 allows remote attackers to add a large number of fake users, then eventually cause a denial of service (server crash). | 5.0 |
2004-12-31 | CVE-2004-2466 | EFS Software | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in EFS Software Easy Chat Server 1.2/2.2 chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-2460 | GNU | Remote POP3 Protocol vulnerability in gnubiff Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list. | 5.0 |
2004-12-31 | CVE-2004-2458 | Open Webmail | Unspecified vulnerability in Open Webmail Open Webmail Open WebMail 2.30 and earlier, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote attackers to create arbitrary directories. | 5.0 |
2004-12-31 | CVE-2004-2457 | 3Com | Remote Denial Of Service vulnerability in 3Com OfficeConnect ADSL Wireless 11g Firewall Router Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic. | 5.0 |
2004-12-31 | CVE-2004-2452 | Hitachi | Information Disclosure vulnerability in Cosminexus Portal Framework Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01-01, 01-02, 02-01, 02-02, 02-03, and other versions allows remote attackers to obtain sensitive information in the <ut:cache> tag library. | 5.0 |
2004-12-31 | CVE-2004-2451 | Gamespy | Denial Of Service vulnerability in Roger Wilco Server Unauthorized Audio Stream Roger Wilco 1.4.1.6 and earlier, or Roger Wilco Base Station 0.30a or earlier, allows remote attackers to send audio to arbitrary channels, aka the "Voices from the deep" bug. | 5.0 |
2004-12-31 | CVE-2004-2450 | Gamespy | Information Disclosure vulnerability in Roger Wilco The client and server for Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier report sensitive information such as IDs and source IP addresses, which allows remote attackers to obtain sensitive information. | 5.0 |
2004-12-31 | CVE-2004-2449 | Gamespy | Denial Of Service vulnerability in Gamespy products Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier allows remote attackers to cause a denial of service (application crash) via a long, malformed UDP datagram. | 5.0 |
2004-12-31 | CVE-2004-2448 | Cassiopeia Itransact | Information Disclosure vulnerability in S-Mart Shopping Cart S-Mart Shopping Cart or RediCart 3.9.5b stores smart.cfg under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the database name. | 5.0 |
2004-12-31 | CVE-2004-2446 | 1ST Class Internet Solutions | Input Validation vulnerability in 1ST Class Internet Solutions 1ST Class Mail Server 4.01 Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors. | 5.0 |
2004-12-31 | CVE-2004-2445 | Jaws | Input Validation vulnerability in Jaws 0.3Beta Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. | 5.0 |
2004-12-31 | CVE-2004-2442 | F Secure | Unspecified vulnerability in F-Secure products Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system. | 5.0 |
2004-12-31 | CVE-2004-2439 | HP | Unspecified vulnerability in HP products The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware. | 5.0 |
2004-12-31 | CVE-2004-2434 | Microsoft | Denial-Of-Service vulnerability in Microsoft IE 6.0 Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with "::{" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using "Save As" and Internet Explorer prepares an error message with an attacker-controlled format string. | 5.0 |
2004-12-31 | CVE-2004-2432 | Winagents | Remote Buffer Overrun vulnerability in WinAgents TFTP Server WinAgents TFTP Server 3.0 allows remote attackers to cause a denial of service (crash) via a request for a file with a long file name, possibly due to an off-by-one buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-2428 | Abczone IT | Information Disclosure vulnerability in Abczone.It Wwwguestbook 1.1 Abczone.it WWWguestbook 1.1 stores db/dbase.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the plaintext username and password. | 5.0 |
2004-12-31 | CVE-2004-2426 | Axis | Multiple vulnerability in Axis Network Camera And Video Server Directory traversal vulnerability in Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to bypass authentication via a .. | 5.0 |
2004-12-31 | CVE-2004-2424 | BEA | Remote Denial of Service vulnerability in BEA Weblogic Server 8.1 BEA WebLogic Server and WebLogic Express 8.1 through 8.1 SP2 allow remote attackers to cause a denial of service (network port consumption) via unknown actions in HTTPS sessions, which prevents the server from releasing the network port when the session ends. | 5.0 |
2004-12-31 | CVE-2004-2423 | Ipswitch | Buffer Overflow Denial Of Service vulnerability in Ipswitch IMail Server Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content." | 5.0 |
2004-12-31 | CVE-2004-2422 | Ipswitch | Buffer Overflow Denial Of Service vulnerability in Ipswitch IMail Server Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. | 5.0 |
2004-12-31 | CVE-2004-2420 | Hitachi | Remote vulnerability in Hitachi JP1 P-1B41-9461, JP1 P-1B41-9471 and JP1 P-1J41-9471 Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7 allows remote attackers to cause a denial of service (daemon halt) via a port scan involving reset packets. | 5.0 |
2004-12-31 | CVE-2004-2415 | Davenport | Denial Of Service vulnerability in Davenport XML Expansion Davenport before 0.9.10 allows attackers to cause a denial of service (resource consumption) via (1) a very large XML file or (2) entity expansion attacks. | 5.0 |
2004-12-31 | CVE-2004-2399 | Securecomputing | Denial-Of-Service vulnerability in Securecomputing Sidewinder G2 6.1.0.01 Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service (CPU consumption) via delayed responses to DNS queries. | 5.0 |
2004-12-31 | CVE-2004-2392 | Mandrakesoft | Multiple Unspecified vulnerability in Mandrakesoft Mandrake Linux and Mandrake Linux Corporate Server libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs. | 5.0 |
2004-12-31 | CVE-2004-2391 | Jabberstudio | Remote Denial Of Service vulnerability in Jabber Software Jabber Gadu-Gadu Transport Jabber Gadu-Gadu Transport (a.k.a. | 5.0 |
2004-12-31 | CVE-2004-2390 | Jabberstudio | Remote Denial Of Service vulnerability in Jabber Software Jabber Gadu-Gadu Transport The roster import functionality in Jabber Gadu-Gadu Transport (a.k.a. | 5.0 |
2004-12-31 | CVE-2004-2389 | Jabberstudio | Remote Denial Of Service vulnerability in Jabber Software Jabber Gadu-Gadu Transport Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. | 5.0 |
2004-12-31 | CVE-2004-2385 | Emumail | Multiple vulnerability in Emumail EMU Webmail 5.2.7 EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu. | 5.0 |
2004-12-31 | CVE-2004-2384 | Nullsoft | Denial of Service vulnerability in Nullsoft Winamp 5.02 NullSoft Winamp 5.02 allows remote attackers to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line. | 5.0 |
2004-12-31 | CVE-2004-2382 | Perfectnav | Denial Of Service vulnerability in PerfectNav Malformed URI The PerfectNav plugin for Microsoft Internet Explorer allows remote attackers to cause a denial of service (browser crash) via a malformed URL such as "?". | 5.0 |
2004-12-31 | CVE-2004-2381 | Jetty | Denial Of Service vulnerability in Jetty HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length. | 5.0 |
2004-12-31 | CVE-2004-2380 | Twilight Utilities | Directory Traversal vulnerability in Twilight Utilities Twilight Utilities web Server 2.0.0.0 Directory traversal vulnerability in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to write arbitrary files via a .. | 5.0 |
2004-12-31 | CVE-2004-2377 | Alcatel | Denial Of Service vulnerability in Alcatel Omniswitch and Omniswitch 7800 Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled. | 5.0 |
2004-12-31 | CVE-2004-2374 | Working Resources INC | Path Disclosure vulnerability in Working Resources Inc. Badblue 2.40 BadBlue 2.4 allows remote attackers to obtain the location of the server installation path via a request for phptest.php, which includes the pathname in the source of the resulting HTML. | 5.0 |
2004-12-31 | CVE-2004-2371 | Redstorm | Remote Denial Of Service vulnerability in Redstorm Desert Siege, Ghost Recon and the SUM of ALL Fears Multiple Red Storm web-based games, including Ghost Recon 1.4 and earlier, Desert Siege, and The Sum of all Fears 1.1.1.0 and earlier, do not properly check return values from certain functions, which allows remote attackers to cause a denial of service (hang) via packets that contain text strings with incorrect size values. | 5.0 |
2004-12-31 | CVE-2004-2367 | Texas Imperial Software | Remote Denial Of Service vulnerability in WFTPD Server GUI The Control Panel applet in WFTPD and WFTPD Pro 3.21 R1 and R2 allows remote authenticated users to cause a denial of service (crash) via a long FTP command. | 5.0 |
2004-12-31 | CVE-2004-2366 | Globalscape | Remote Buffer Overflow vulnerability in Globalscape Secure FTP Server 2.0Build20040311 Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument. | 5.0 |
2004-12-31 | CVE-2004-2361 | Digital Reality | Remote Denial Of Service vulnerability in Digital Reality Game Engine Digital Reality game engine, as used in Haegemonia 1.0 through 1.0.7 and Desert Rats vs. | 5.0 |
2004-12-31 | CVE-2004-2360 | Targem Games | Remote Denial Of Service vulnerability in Targem Games Battle Mages 1.0 Targem Battle Mages 1.0 allows remote attackers to cause a denial of service (infinite loop) via a UDP packet with incomplete data, which causes the server to enter an infinite loop while waiting to read the rest of the data that is not sent. | 5.0 |
2004-12-31 | CVE-2004-2356 | Fizmez | Denial Of Service vulnerability in Fizmez web Server 1.0 Early termination vulnerability in Fizmez Web Server 1.0 allows remote attackers to cause a denial of service (crash) by connecting to the server and then disconnecting without sending any data, which triggers a null pointer dereference. | 5.0 |
2004-12-31 | CVE-2004-2353 | Incogen | BugPort before 1.099 stores its configuration file (conf/config.conf) under the web document root with a file extension that is not normally parsed by web servers, which allows remote attackers to obtain sensitive information. | 5.0 |
2004-12-31 | CVE-2004-2348 | Sybari | Denial Of Service vulnerability in Sybari Antigen 7.0Build722(Sr2) Sybari AntiGen for Domino 7.0 Build 722 SR2 allows remote attackers to cause a denial of service (hang) via an encrypted ZIP file with the "include full path info" option set, as used by certain variants of the Beagle/Bagle worm. | 5.0 |
2004-12-31 | CVE-2004-2344 | Vocaltec | Remote H.225 Denial Of Service vulnerability in Vocaltec Vgw120 Telephony Gateway and Vgw480 Telephony Gateway Unknown vulnerability in the ASN.1/H.323/H.225 stack of VocalTec VGW120 and VGW480 allows remote attackers to cause a denial of service. | 5.0 |
2004-12-31 | CVE-2004-2342 | Burton Sang | Remote Denial of Service vulnerability in ChatterBox ChatterBox 2.0 allows remote attackers to cause a denial of service (server crash) via a malformed request to the server, as demonstrated using "aaaaaa". | 5.0 |
2004-12-31 | CVE-2004-2336 | Novell | Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server. | 5.0 |
2004-12-31 | CVE-2004-2333 | Bodington | Unspecified vulnerability in Bodington 2.1.0Rc1/2.1.0Rc2/2.1.0Rc3 Bodington 2.1.0 RC1 and earlier does not secure the file upload area, which allows remote attackers to read uploaded files. | 5.0 |
2004-12-31 | CVE-2004-2330 | Macromedia | Denial of Service vulnerability in Macromedia Coldfusion 6.1 ColdFusion MX 6.1 and 6.1 J2EE allows remote attackers to cause a denial of service via an HTTP request containing a large number of form fields. | 5.0 |
2004-12-31 | CVE-2004-2328 | Clearswift | Denial Of Service vulnerability in Clearswift MAILsweeper For SMTP RAR Archive Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached. | 5.0 |
2004-12-31 | CVE-2004-2327 | Vizer WEB Server | Remote Denial of Service vulnerability in Vizer web Server Vizer web Server 1.9.1 Vizer Web Server 1.9.1 allows remote attackers to cause a denial of service (crash) via multiple malformed requests including (1) requests without GET, (2) GET requests without HTTP, (3) or long GET requests. | 5.0 |
2004-12-31 | CVE-2004-2323 | Dotnetnuke | Multiple vulnerability in DotNetNuke DotNetNuke (formerly IBuySpy Workshop) 1.0.6 through 1.0.10d allows remote attackers to obtain sensitive information, including the SQL server username and password, via a GET request for source or configuration files such as Web.config. | 5.0 |
2004-12-31 | CVE-2004-2318 | Netwin | Denial Of Service vulnerability in SurgeFTP Surgeftpmgr.CGI The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent (%) signs in the CMD parameter. | 5.0 |
2004-12-31 | CVE-2004-2317 | Mbedthis Software | Multiple vulnerability in Mbedthis Software AppWeb HTTP Server Information leak in Mbedthis AppWeb HTTP server 1.0 through 1.1.2 allows remote attackers to obtain sensitive information via a user message that is generated when Mbedthis denies access. | 5.0 |
2004-12-31 | CVE-2004-2316 | Mbedthis Software | Denial Of Service vulnerability in Mbedthis Software AppWeb HTTP Server Empty Options Request Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to cause a denial of service (crash) via a GET request containing an MS-DOS device name such as COM1. | 5.0 |
2004-12-31 | CVE-2004-2315 | Mbedthis Software | Denial Of Service vulnerability in Mbedthis Software AppWeb HTTP Server Empty Options Request Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to cause a denial of service (crash) via an empty OPTIONS request. | 5.0 |
2004-12-31 | CVE-2004-2313 | Inter7 | Unspecified vulnerability in Inter7 Sqwebmail Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts (such as root), which allows remote attackers to guess the root password via brute force attacks. | 5.0 |
2004-12-31 | CVE-2004-2307 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer and Windows XP Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote attackers to cause a denial of service (browser crash) via a shell: URI with double backslashes (\\) in an HTML tag such as IFRAME or A. | 5.0 |
2004-12-31 | CVE-2004-2305 | Broadcom | Unspecified vulnerability in Broadcom Etrust Antivirus EE 6.0/7.0 Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows remote attackers to bypass virus scanning by including a password-protected file in a ZIP file, which causes eTrust to scan only the password protected file and skip the other files. | 5.0 |
2004-12-31 | CVE-2004-2301 | Qualcomm | Eudora before 6.1.1 allows remote attackers to cause a denial of service (crash) via an e-mail with a long "To:" field, possibly due to a buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-2297 | Francisco Burzi | Input Validation vulnerability in PHP-Nuke The Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large, out-of-range score parameter. | 5.0 |
2004-12-31 | CVE-2004-2296 | Francisco Burzi | Input Validation vulnerability in PHP-Nuke The preview_review function in the Reviews module in PHP-Nuke 6.0 to 7.3, when running on Windows systems, allows remote attackers to obtain sensitive information via an invalid date parameter, which generates an error message. | 5.0 |
2004-12-31 | CVE-2004-2292 | ALT N | Remote Status Command Buffer Overflow vulnerability in Alt-N MDaemon Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server. | 5.0 |
2004-12-31 | CVE-2004-2287 | DSM | Directory Traversal vulnerability in DSM Light web File Browser 2.0 Directory traversal vulnerability in explorer.php in DSM Light Web File Browser 2.0 allows remote attackers to read arbitrary files via .. | 5.0 |
2004-12-31 | CVE-2004-2283 | Daniel Barron | Unspecified vulnerability in Daniel Barron Dansguardian Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote attackers to bypass URL filters via a crafted request that causes a page to be added to the clean page cache. | 5.0 |
2004-12-31 | CVE-2004-2282 | Daniel Barron | Security Bypass vulnerability in Dansguardian DansGuardian before 2.7.7-2 allows remote attackers to bypass URL filters via a ".." in the request. | 5.0 |
2004-12-31 | CVE-2004-2280 | IBM | Java Applet vulnerability in IBM Lotus Notes Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN. | 5.0 |
2004-12-31 | CVE-2004-2277 | Agsm | Buffer Overflow vulnerability in Agsm 2.35C/2.51C Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server response. | 5.0 |
2004-12-31 | CVE-2004-2273 | Evan Sims | Denial-Of-Service vulnerability in Evan Sims Effingerd 0.2.12 efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a packet with a single byte, which triggers a "Wrong protocol or connection state" error. | 5.0 |
2004-12-31 | CVE-2004-2272 | Evan Sims | Denial-Of-Service vulnerability in Evan Sims Effingerd 0.2.12 Buffer overflow in the sockFinger_DataArrival function in efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a long finger command. | 5.0 |
2004-12-31 | CVE-2004-2268 | Pimentech | Information Disclosure vulnerability in Pimentech Pimengest2 1.10.1 PimenGest2 before 1.1.1 allows remote attackers to obtain the database password via debug information in rowLatex.inc.php. | 5.0 |
2004-12-31 | CVE-2004-2260 | Opera | Open Redirect vulnerability in Opera Browser Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute. | 5.0 |
2004-12-31 | CVE-2004-2259 | Beasts | Denial of Service vulnerability in Beasts Vsftpd 1.2.0/1.2.1 vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant. | 5.0 |
2004-12-31 | CVE-2004-2256 | Phpmyfaq | Directory Traversal vulnerability in phpMyFAQ Lang Parameter Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly execute local PHP files, via .. | 5.0 |
2004-12-31 | CVE-2004-2253 | Netwin | Directory Traversal vulnerability in Netwin Surgeldap 1.0D/1.0E/1.0G Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2004-12-31 | CVE-2004-2251 | Astaro | Remote Security vulnerability in Security Linux The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks. | 5.0 |
2004-12-31 | CVE-2004-2244 | Oracle | Denial Of Service vulnerability in Oracle Application Server and Oracle9I The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD. | 5.0 |
2004-12-31 | CVE-2004-2227 | Mozilla | Remote Security vulnerability in Firefox Mozilla Firefox before 1.0 truncates long filenames in the file download dialog box, which makes it easier for remote attackers to trick users into downloading files with dangerous extensions. | 5.0 |
2004-12-31 | CVE-2004-2226 | Mozilla | Remote Security vulnerability in Mozilla Thunderbird 0.8/1.7.1/1.7.3 Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when HTML-Mails is enabled, allows remote attackers to determine valid e-mail addresses via an HTML e-mail that references a Cascading Style Sheets (CSS) document on the attacker's server. | 5.0 |
2004-12-31 | CVE-2004-2225 | Mozilla | Unspecified vulnerability in Mozilla Firefox Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button. | 5.0 |
2004-12-31 | CVE-2004-2224 | Appfoundry | Denial-Of-Service vulnerability in Appfoundry Message Foundry 2.75.0003 Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1. | 5.0 |
2004-12-31 | CVE-2004-2223 | Fsphpgallery | Input Validation vulnerability in FsPHPGallery FsPHPGallery before 1.2 allows remote attackers to cause a denial of service via an image with a large size attribute, which causes a crash when the server attempts to resize the image. | 5.0 |
2004-12-31 | CVE-2004-2220 | F Secure | Unspecified vulnerability in F-Secure Anti-Virus 6.30/6.30Sr1/6.31 F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection. | 5.0 |
2004-12-31 | CVE-2004-2217 | Ychat | Remote Denial Of Service vulnerability in yChat Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | 5.0 |
2004-12-31 | CVE-2004-2216 | SUN | Remote Denial Of Service vulnerability in SUN products Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate. | 5.0 |
2004-12-31 | CVE-2004-2213 | Mbedthis Software | Multiple vulnerability in Mbedthis Software AppWeb HTTP Server Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request. | 5.0 |
2004-12-31 | CVE-2004-2208 | Ideal Science | Remote Input Validation vulnerability in Ideal Science IdealBB CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors. | 5.0 |
2004-12-31 | CVE-2004-2196 | Zanfi Solutions | Remote Security vulnerability in Zanfi Solutions Zanfi CMS Lite 1.1 Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. | 5.0 |
2004-12-31 | CVE-2004-2195 | Zanfi Solutions | Remote File Include vulnerability in Zanfi Solutions Zanfi CMS Lite 1.1 PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter. | 5.0 |
2004-12-31 | CVE-2004-2194 | Mailenable | Remote Denial Of Service vulnerability in MailEnable MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands. | 5.0 |
2004-12-31 | CVE-2004-2190 | Unzoo | Directory Traversal vulnerability in Unzoo 4.42 Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact and attack vectors. | 5.0 |
2004-12-31 | CVE-2004-2187 | Mediawiki | Remote Input Validation vulnerability in Mediawiki 1.3.5 Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors. | 5.0 |
2004-12-31 | CVE-2004-2179 | Microsoft | Remote Denial of Service vulnerability in Microsoft Frontpage and IE asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values. | 5.0 |
2004-12-31 | CVE-2004-2170 | Niti Telecom | Remote Directory Traversal vulnerability in Niti Telecom Caravan Business Server 2.0003D Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter. | 5.0 |
2004-12-31 | CVE-2004-2168 | Baardsen Software | Denial-Of-Service vulnerability in Baardsen Software Basomail Server 1.24 BaSoMail 1.24 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections to TCP port (1) 25 (SMTP) or (2) 110 (POP3). | 5.0 |
2004-12-31 | CVE-2004-2165 | Impressions Games | Remote Denial Of Service vulnerability in Impressions Games Lords of the Realm III Nickname Lords of the Realm III 1.01 and earlier, when in the lobby stage, allows remote attackers to cause a denial of service (crash from unallocated memory write) via a long user nickname. | 5.0 |
2004-12-31 | CVE-2004-2164 | Virtual Programming | Denial Of Service vulnerability in Virtual Programming Vp-Asp 5.0 shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption). | 5.0 |
2004-12-31 | CVE-2004-2151 | Virtual Projects | Denial Of Service vulnerability in Virtual Projects Chatma Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via a very large data size. | 5.0 |
2004-12-31 | CVE-2004-2149 | Oracle | Remote Buffer Overflow vulnerability in MySQL Bounded Parameter Statement Execution Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders. | 5.0 |
2004-12-31 | CVE-2004-2147 | Symantec | Denial Of Service vulnerability in Symantec Norton AntiVirus Malformed EMail Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body. | 5.0 |
2004-12-31 | CVE-2004-2146 | PD9 Software | Remote Security vulnerability in Megabbs 2/2.1 CRLF injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows attackers to conduct HTTP response splitting attacks via the fid parameter in a writenew action to thread-post.asp. | 5.0 |
2004-12-31 | CVE-2004-2137 | Microsoft | Information Disclosure vulnerability in Microsoft Outlook Express 6.0 Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information. | 5.0 |
2004-12-31 | CVE-2004-2129 | Loom Software | Remote HTTP GET Request Denial Of Service vulnerability in Loom Software SurfNow SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-2124 | Gallery Project | Remote Global Variable Injection vulnerability in Gallery The register_globals simulation capability in Gallery 1.3.1 through 1.4.1 allows remote attackers to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. | 5.0 |
2004-12-31 | CVE-2004-2121 | Borland Software | Directory Traversal vulnerability in Borland Webserver for Corel Paradox Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL. | 5.0 |
2004-12-31 | CVE-2004-2112 | Herberlin | Directory Traversal vulnerability in Herberlin Bremsserver 1.2.4 Directory traversal vulnerability in BremsServer 1.2.4 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in the URL. | 5.0 |
2004-12-31 | CVE-2004-2106 | Novell | Remote Security vulnerability in Novell Netware 5.1/6.0 Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/. | 5.0 |
2004-12-31 | CVE-2004-2105 | Novell | Remote Security vulnerability in Novell Netware 5.1/6.0 The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter. | 5.0 |
2004-12-31 | CVE-2004-2104 | Novell | Multiple vulnerability in Novell Netware 5.1/6.0 Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm. | 5.0 |
2004-12-31 | CVE-2004-2101 | Geovision | Denial-Of-Service vulnerability in Geohttpserver The sysinfo script in GeoHttpServer allows remote attackers to cause a denial of service (crash) via a long pwd parameter, possibly triggering a buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-2100 | Geovision | Security Bypass vulnerability in Geohttpserver GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines). | 5.0 |
2004-12-31 | CVE-2004-2095 | Niels Provos | Remote Virtual Host Detection vulnerability in Honeyd Honeyd before 0.8 replies to TCP packets with the SYN and RST flags set, which allows remote attackers to identify IP addresses that are being simulated by Honeyd. | 5.0 |
2004-12-31 | CVE-2004-2081 | Karjasoft | Denial Of Service vulnerability in Karjasoft Sami FTP Server 1.1.3 The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service (pmsystem.exe crash) by issuing (1) a CD command with a tilde (~) character or dot dot (/../) or (2) a GET command for an unavailable file. | 5.0 |
2004-12-31 | CVE-2004-2075 | Sophos | Denial Of Service vulnerability in Sophos Anti-Virus MIME Header Handling Sophos Anti-Virus 3.78 allows remote attackers to cause a denial of service (infinite loop) via a MIME header that is not properly terminated. | 5.0 |
2004-12-31 | CVE-2004-2074 | Bolintech | Unspecified vulnerability in Bolintech Dream FTP Server 1.02 Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands. | 5.0 |
2004-12-31 | CVE-2004-2069 | Openbsd | Remote Denial Of Service vulnerability in OpenSSH LoginGraceTime sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption). | 5.0 |
2004-12-31 | CVE-2004-2068 | Leafnode | Denial-Of-Service vulnerability in Leafnode fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an empty NNTP news article with missing mandatory headers. | 5.0 |
2004-12-31 | CVE-2004-2060 | Xlinesoft | Multiple vulnerability in XLineSoft ASPRunner ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names. | 5.0 |
2004-12-31 | CVE-2004-2059 | Xlinesoft | Multiple vulnerability in XLineSoft ASPRunner Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) SearchFor parameter in [TABLE-NAME]_search.asp, (2) SQL parameter in [TABLE-NAME]_edit.asp, (3) SearchFor parameter in [TABLE]_list.asp, or (4) SQL parameter in export.asp. | 5.0 |
2004-12-31 | CVE-2004-2058 | Xlinesoft | Multiple vulnerability in XLineSoft ASPRunner ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2) error messages. | 5.0 |
2004-12-31 | CVE-2004-2054 | Phpbb Group | HTTP Response Splitting vulnerability in PHPBB CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via (1) the mode parameter to privmsg.php or (2) the redirect parameter to login.php. | 5.0 |
2004-12-31 | CVE-2004-2046 | APC | Denial Of Service vulnerability in APC Powerchute 6.0/7.1 Unknown vulnerability in APC PowerChute Business Edition 6.0 through 7.0.1 allows remote attackers to cause a denial of service via unknown attack vectors. | 5.0 |
2004-12-31 | CVE-2004-2045 | Conceptronic | Denial Of Service vulnerability in Conceptronic Cadslr1 Adsl Router 3.04N The HTTP administration interface on Conceptronic CADSLR1 ADSL router running firmware 3.04n allows remote attackers to cause a denial of service (device reboot) via an HTTP request with a long username. | 5.0 |
2004-12-31 | CVE-2004-2019 | Francisco Burzi | Input Validation vulnerability in PHP-Nuke The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message. | 5.0 |
2004-12-31 | CVE-2004-1958 | Epic Games | Remote Arbitrary File Overwrite vulnerability in Epic Games products Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. | 5.0 |
2004-12-31 | CVE-2004-1953 | Phprofession | Multiple vulnerability in PHProfession 2.5 phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message. | 5.0 |
2004-12-31 | CVE-2004-1951 | Xine | Remote File Overwrite vulnerability in Xine Xine, Xine-Lib and Xine-Ui xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the (1) audio.sun_audio_device or (2) dxr3.devicename options in an MRL link. | 5.0 |
2004-12-31 | CVE-2004-1937 | Nuked Klan | Multiple vulnerability in Nuked-Klan Multiple directory traversal vulnerabilities in Nuked-KlaN 1.4b and 1.5b allow remote attackers to read or include arbitrary files via .. | 5.0 |
2004-12-31 | CVE-2004-1912 | Francisco Burzi Shiba Design | Multiple vulnerability in NukeCalendar The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, (4) block-Calendar_center.php scripts in NukeCalendar 1.1.a, as used in PHP-Nuke, allow remote attackers to obtain sensitive information via a URL with an invalid argument, which reveals the full path in an error message. | 5.0 |
2004-12-31 | CVE-2004-1910 | Symantec | Denial Of Service vulnerability in Symantec Security Check Virus Detection COM Object rufsi.dll in Symantec Virus Detection allows remote attackers to cause a denial of service (crash) via a long string to the GetPrivateProfileString function. | 5.0 |
2004-12-31 | CVE-2004-1908 | Mcafee | Information Disclosure vulnerability in Mcafee FreeScan CoMcFreeScan Browser McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows remote attackers to obtain sensitive information via the GetSpecialFolderLocation function with certain parameters. | 5.0 |
2004-12-31 | CVE-2004-1906 | Mcafee | Buffer Overflow vulnerability in Mcafee FreeScan CoMcFreeScan Browser Object Mcafee FreeScan allows remote attackers to cause a denial of service and possibly arbitrary code via a long string in the ScanParam property of a COM object, which may trigger a buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-1905 | Panda | Denial of Service vulnerability in Panda Activescan 5.0 ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to cause a denial of service (crash) by calling the SetSitesFile function. | 5.0 |
2004-12-31 | CVE-2004-1899 | Tildeslash | Remote vulnerability in Multiple Monit Administration Interface The administration interface in Monit 1.4 through 4.2 allows remote attackers to cause an off-by-one overflow via a POST that contains 1024 bytes. | 5.0 |
2004-12-31 | CVE-2004-1897 | Tildeslash | Remote vulnerability in Multiple Monit Administration Interface Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service (segmentation fault) by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read. | 5.0 |
2004-12-31 | CVE-2004-1893 | Macromedia | Remote User Database Access vulnerability in Macromedia Dreamweaver Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on Testing Server" is selected, uploads the mmhttpdb.asp script to the web site but does not require authentication, which allows remote attackers to obtain sensitive information and possibly execute arbitrary SQL commands via a direct request to mmhttpdb.asp. | 5.0 |
2004-12-31 | CVE-2004-1891 | SGI | Remote Security vulnerability in SGI Irix 6.5.20 The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged. | 5.0 |
2004-12-31 | CVE-2004-1889 | SGI | Denial Of Service vulnerability in SGI IRIX ftpd Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via a link failure with Microsoft Windows. | 5.0 |
2004-12-31 | CVE-2004-1887 | ADA | Remote Directory Listing vulnerability in ADA Imgsvr 0.4 Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null). | 5.0 |
2004-12-31 | CVE-2004-1880 | Openldap | Denial-Of-Service vulnerability in OpenLDAP Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service (memory consumption). | 5.0 |
2004-12-31 | CVE-2004-1869 | Nival Interactive | Remote Denial Of Service vulnerability in Nival Interactive Etherlords and Etherlords II Etherlords I 1.07 and earlier and Etherlords II 1.03 and earlier allows remote attackers to cause a denial of service (crash) by sending a packet that specifies the size for the next packet, then sending a larger packet than specified, which causes Etherlords to read unallocated memory. | 5.0 |
2004-12-31 | CVE-2004-1860 | XMB Forum | Buffer Overflow vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 and R55 allows remote authenticated users to cause a denial of service (server disconnect) and possibly execute arbitrary code via a large filter on a column when using SmartView Tracker. | 5.0 |
2004-12-31 | CVE-2004-1858 | HP | HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of service (crash) via a malformed request, possibly due to a stricmp() error from an invalid use of the "$" character. | 5.0 |
2004-12-31 | CVE-2004-1832 | Apple | Remote Buffer Overflow vulnerability in Apple mac OS X Server 10.3 Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a denial of service (crash and restart) via a large amount of data to TCP port 660. | 5.0 |
2004-12-31 | CVE-2004-1831 | Techland | Denial of Service vulnerability in Techland Chrome 1.2.0 Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large length value, which leads to a null dereference or out-of-bounds read. | 5.0 |
2004-12-31 | CVE-2004-1828 | Belchior Foundry | Authentication Bypass vulnerability in Belchior Foundry Vcard 2.8/2.9 Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php. | 5.0 |
2004-12-31 | CVE-2004-1814 | Vocaltec | Remote Authentication Bypass vulnerability in Vocaltec Vgw4 8 Telephony Gateway 8.0 Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 allows remote attackers to read protected files via .. | 5.0 |
2004-12-31 | CVE-2004-1810 | Opera | Unspecified vulnerability in Opera Browser The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service (crash) by creating a new Array object with a large size value, then writing into that array. | 5.0 |
2004-12-31 | CVE-2004-1805 | Epic Games | Remote Format String vulnerability in Epic Games Unreal Engine 226F/433/436 Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names. | 5.0 |
2004-12-31 | CVE-2004-1804 | Invicta | Remote Denial Of Service vulnerability in Invicta Wmcam Server 2.1.348 wMCam server 2.1.348 allows remote attackers to cause a denial of service (no new connections) via multiple malformed HTTP requests without the GET command. | 5.0 |
2004-12-31 | CVE-2004-1802 | Lionmax Software | Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page. | 5.0 |
2004-12-31 | CVE-2004-1801 | Pwebserver | Remote Directory Traversal vulnerability in Pwebserver web Server 0.3.0/0.3.2/0.3.3 Directory traversal vulnerability in PWebServer 0.3.3 allows remote attackers to read arbitrary files via a .. | 5.0 |
2004-12-31 | CVE-2004-1792 | Yatsoft | Remote Denial Of Service vulnerability in YaSoft Switch Off Large Packet swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a long packet with two CRLF sequences to the service management port (TCP 8000). | 5.0 |
2004-12-31 | CVE-2004-1788 | ASP Nuke | Remote User Database Access vulnerability in ASP-Nuke 1.0/1.2/1.3 ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb. | 5.0 |
2004-12-31 | CVE-2004-1777 | Skype Technologies | Improper Input Validation vulnerability in Skype Technologies Skype 0.98.0.04 A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114. | 5.0 |
2004-12-31 | CVE-2004-1775 | Cisco | Unspecified vulnerability in Cisco Catos and IOS Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. | 5.0 |
2004-12-31 | CVE-2004-1750 | VNC | Remote Denial of Service vulnerability in VNC Realvnc 4.0 RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections to port 5900. | 5.0 |
2004-12-31 | CVE-2004-1736 | THE Cacti Group | Unspecified vulnerability in the Cacti Group Cacti 0.8.5A Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message. | 5.0 |
2004-12-31 | CVE-2004-1723 | PHP Fusion | Information Disclosure vulnerability in PHP Fusion PHP Fusion 4.00 The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion 4.00 allow remote attackers to obtain sensitive information via a direct HTTP request, which reveals the installation path in an error message. | 5.0 |
2004-12-31 | CVE-2004-1590 | Clientexec | Information Disclosure vulnerability in Clientexec 2.2.1 Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function. | 5.0 |
2004-12-31 | CVE-2004-1587 | Monolith Productions | Remote Buffer Overflow vulnerability in Monolith Lithtech Game Engine Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query. | 5.0 |
2004-12-31 | CVE-2004-1585 | Jera Technology | Remote Denial of Service vulnerability in Jera Technology Flash Messaging 5.2/5.2G Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers to cause a denial of service (application crash) via certain wide characters. | 5.0 |
2004-12-31 | CVE-2004-1584 | Wordpress | Unspecified vulnerability in Wordpress 1.2 CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter. | 5.0 |
2004-12-31 | CVE-2004-1581 | Blackboard | Information Disclosure vulnerability in Blackboard 1.5.1 BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message. | 5.0 |
2004-12-31 | CVE-2004-1579 | Devellion | Information Disclosure vulnerability in Devellion Cubecart 2.0.1 index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive information via an HTTP request with an invalid cat_id parameter, which reveals the full path in a PHP error message. | 5.0 |
2004-12-31 | CVE-2004-1577 | Greg Donald | Information Disclosure vulnerability in Phplinks index.php in PHP Links allows remote attackers to gain sensitive information via an invalid show parameter, which reveals the full path in an error message. | 5.0 |
2004-12-31 | CVE-2004-1576 | Megalo | Format string vulnerability in Judge Dredd: Dredd vs. | 5.0 |
2004-12-31 | CVE-2004-1575 | Apache | Denial Of Service vulnerability in Apache Xerces-C++ 2.5.0 The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service (CPU consumption) via XML attributes in a crafted XML document. | 5.0 |
2004-12-31 | CVE-2004-1572 | AJ Fork | Unspecified vulnerability in Aj-Fork 167 AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP request. | 5.0 |
2004-12-31 | CVE-2004-1571 | AJ Fork | Information Disclosure vulnerability in Aj-Fork 167 AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) auto-archive.php, (3) ount-article-views.php, (4) kses.php, (5) custom-quick-tags.php, (6) disable-all-comments.php, (7) easy-date-format.php, (8) enable-disable-comments.php, (9) filter-by-author.php, (10) format-switcher.php, (11) long-to-short.php, (12) prospective-posting.php, or (13) sort-by-xfield.php, which displays the full path in an error message. | 5.0 |
2004-12-31 | CVE-2004-1568 | Parachat | Directory Traversal vulnerability in Parachat Server 5.5 Directory traversal vulnerability in ParaChat Server 5.5 allows remote attackers to read arbitrary files via a ..%5C (hex-encoded dot dot) in the URL. | 5.0 |
2004-12-31 | CVE-2004-1565 | W Agora | Remote Input Validation vulnerability in W-Agora 4.1.6A list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter. | 5.0 |
2004-12-31 | CVE-2004-1564 | W Agora | Remote Input Validation vulnerability in W-Agora 4.1.6A CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the thread parameter. | 5.0 |
2004-12-31 | CVE-2004-1560 | Microsoft | Remote Denial Of Service vulnerability in Microsoft SQL Server 7.0 Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long request to TCP port 1433, possibly triggering a buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-1556 | Mywebserver | Remote vulnerability in Mywebserver 1.0.3 MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connections within a short time. | 5.0 |
2004-12-31 | CVE-2004-1549 | Onnuri Infotek | Remote vulnerability in Onnuri Infotek Activepost Standard 3.1 The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection. | 5.0 |
2004-12-31 | CVE-2004-1548 | Onnuri Infotek | Remote vulnerability in Onnuri Infotek Activepost Standard 3.1 Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authenticated users to upload arbitrary files via a .. | 5.0 |
2004-12-31 | CVE-2004-1547 | Onnuri Infotek | Remote vulnerability in ActivePost Messenger The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long filename, possibly triggering a buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-1546 | ALT N | Remote Buffer Overflow vulnerability in Alt-N Mdaemon 6.5.1 Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server. | 5.0 |
2004-12-31 | CVE-2004-1545 | Moniwiki | Remote Server-Side Script Execution vulnerability in Moniwiki 1.0.8/1.0.9/1.0.9.1 UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code. | 5.0 |
2004-12-31 | CVE-2004-1543 | Korweblog | Remote Directory Listing vulnerability in Korweblog 1.6.2Cvs Directory traversal vulnerability in viewimg.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to list arbitrary directories via a .. | 5.0 |
2004-12-31 | CVE-2004-1542 | Raven Software | Buffer Overflow vulnerability in Raven Software Soldier Of Fortune 2 Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply. | 5.0 |
2004-12-31 | CVE-2004-1540 | Zyxel | Remote Administration Configuration Reset vulnerability in Zyxel Prestige and Zynos ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file. | 5.0 |
2004-12-31 | CVE-2004-1539 | Gearbox Software | Remote Denial Of Service vulnerability in Gearbox Software Halo Game Client Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (client crash) via a long value in a game server reply, which triggers a NULL dereference. | 5.0 |
2004-12-31 | CVE-2004-1534 | Zonelabs | Remote Ad-Blocking Denial Of Service vulnerability in Zone Labs ZoneAlarm ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript. | 5.0 |
2004-12-31 | CVE-2004-1533 | Digital Mappings Systems | Remote Buffer Overrun vulnerability in Digital Mappings Systems Pop3 Server 1.5.3Build37 Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier allows remote attackers to cause a denial of service (service crash) via a long (1) username or (2) password. | 5.0 |
2004-12-31 | CVE-2004-1528 | ROB Sutton | Remote vulnerability in ROB Sutton PHP-Nuke Event Calendar 2.13 The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to (1) config.php, (2) index.php, or (3) submit.php, which reveal the full path in an error message. | 5.0 |
2004-12-31 | CVE-2004-1527 | Microsoft Internet Explorer 6.0 SP1 does not properly handle certain character strings in the Path attribute, which can cause it to modify cookies in other domains when the attacker's domain name is within the target's domain name or when wildcard DNS is being used, which allows remote attackers to hijack web sessions. | 5.0 | |
2004-12-31 | CVE-2004-1525 | NEW Media Generation | Remote vulnerability in New Media Generation Hired Team: Trial Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (application crash) via the status command. | 5.0 |
2004-12-31 | CVE-2004-1524 | NEW Media Generation | Remote vulnerability in NEW Media Generation Hired Team Trial 2.1/2.2 Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (game interruption) via a malformed UDP packet sent to a game port, such as port 29200. | 5.0 |
2004-12-31 | CVE-2004-1523 | NEW Media Generation | Remote vulnerability in NEW Media Generation Hired Team Trial 2.0/2.1/2.2 Format string vulnerability in the game console in Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (application crash) via format string specifiers in a message. | 5.0 |
2004-12-31 | CVE-2004-1522 | 3DO | Remote Format String vulnerability in 3DO Army MEN Real Time Strategy Game 1.0 Format string vulnerability in Army Men RTS 1.0 allows remote attackers to cause a denial of service (application crash) via a nickname that contains format strings. | 5.0 |
2004-12-31 | CVE-2004-1521 | Qualcomm | Remote Security vulnerability in Qualcomm Eudora 6.2.0.14 Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed "Converted" headers. | 5.0 |
2004-12-31 | CVE-2004-1516 | Phpwebsite | Unspecified vulnerability in PHPwebsite CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the block_username parameter in the user module. | 5.0 |
2004-12-31 | CVE-2004-1514 | Soft3304 | Remote vulnerability in Soft3304 04Webserver 1.42 04WebServer 1.42 allows remote attackers to cause a denial of service (fail to restart properly) via an HTTP request for an MS-DOS device name such as COM2. | 5.0 |
2004-12-31 | CVE-2004-1513 | Soft3304 | Remote vulnerability in Soft3304 04Webserver 1.42 04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries. | 5.0 |
2004-12-31 | CVE-2004-1511 | Hotfoon Corporation | Remote Security vulnerability in Hotfoon Hotfoon 4.0 does not notify users before opening links in web browsers, which could allow remote attackers to execute arbitrary code via a certain link sent in a chat window. | 5.0 |
2004-12-31 | CVE-2004-1509 | Webcalendar | Remote vulnerability in WebCalendar validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid encoded_login parameter, which reveals the full path in an error message. | 5.0 |
2004-12-31 | CVE-2004-1507 | Webcalendar | Remote vulnerability in WebCalendar CRLF injection vulnerability in login.php in WebCalendar allows remote attackers to inject CRLF sequences via the return_path parameter and perform HTTP Response Splitting attacks to modify expected HTML content from the server. | 5.0 |
2004-12-31 | CVE-2004-1504 | Salims Softhouse | Information Disclosure vulnerability in Salims Softhouse JAF CMS 3.0 The displaycontent function in config.php for Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to gain sensitive information via a blank show parameter, which reveals the installation path in an error message, as demonstrated using index.php. | 5.0 |
2004-12-31 | CVE-2004-1503 | SUN | Remote Denial Of Service vulnerability in Sun Java Runtime Environment InitialDirContext Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative. | 5.0 |
2004-12-31 | CVE-2004-1502 | Software602 | Denial-Of-Service vulnerability in 602Lan Suite The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (socket exhaustion) via a Telnet request to an IP address of the proxy's network interface, which causes a loop. | 5.0 |
2004-12-31 | CVE-2004-1501 | Software602 | Denial-Of-Service vulnerability in 602Lan Suite The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) by sending a POST request with a large Content-Length value, then disconnecting without sending that amount of data. | 5.0 |
2004-12-31 | CVE-2004-1496 | Minihttpserver NET | Directory Traversal vulnerability in Minihttpserver.Net web Forums Server 1.6/2.0Powerpack Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 Power Pack allows remote attackers to read arbitrary files via a URL containing (1) "..\" (dot dot backslash), (2) "../" (dot dot slash), (3) "/%2E%2E%5C" (encoded dot dot backslash), or (4) "%2E%2E%2F" (encoded dot dot slash). | 5.0 |
2004-12-31 | CVE-2004-1494 | Kingsoft | Denial-Of-Service vulnerability in Xdict Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( CPU consumption or application exit) and possibly execute arbitrary code via a long string. | 5.0 |
2004-12-31 | CVE-2004-1493 | Quicksilver | Remote Denial of Service vulnerability in Quicksilver Master of Orion III Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (server crash) via multiple connections with long nicknames, possibly triggering a buffer overflow. | 5.0 |
2004-12-31 | CVE-2004-1492 | Quicksilver | Remote Denial of Service vulnerability in Quicksilver Master of Orion III Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (game exit) via a data packet that contains a large size specifier, which causes a large memory allocation to fail. | 5.0 |
2004-12-31 | CVE-2004-1491 | Opera Gentoo KDE Suse | Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | 5.0 |
2004-12-31 | CVE-2004-1484 | Socat | Remote Format String vulnerability in Socat Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message. | 5.0 |
2004-12-31 | CVE-2004-1474 | Symantec | Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file. | 5.0 |
2004-12-31 | CVE-2004-1473 | Symantec | Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53. | 5.0 |
2004-12-31 | CVE-2004-1472 | Symantec | Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface. | 5.0 |
2004-12-31 | CVE-2004-1470 | Snipsnap | Unspecified vulnerability in Snipsnap 0.5.2A CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server. | 5.0 |
2004-12-31 | CVE-2004-1459 | Cisco | Multiple vulnerability in Cisco Secure Access Control Server Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIUS proxy, allows remote attackers to cause a denial of service (device crash) via certain LEAP authentication requests. | 5.0 |
2004-12-31 | CVE-2004-1458 | Cisco | Multiple vulnerability in Cisco products The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002. | 5.0 |
2004-12-31 | CVE-2004-1457 | Novell | Remote Denial Of Service vulnerability in Novell Bordermanager 3.8 The Virtual Private Network (VPN) capability in Novell Bordermanager 3.8 allows remote attackers to cause a denial of service (ABEND in IKE.NLM) via a malformed IKE packet, as sent by the Striker ISAKMP Protocol Test Suite. | 5.0 |
2004-12-31 | CVE-2004-1454 | Cisco | Remote Denial Of Service vulnerability in Cisco IOS OSPF Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet. | 5.0 |
2004-12-31 | CVE-2004-1450 | Mozilla | Remote Security vulnerability in Mozilla 1.7 Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary files in known locations. | 5.0 |
2004-12-31 | CVE-2004-1447 | Jetbox | Unspecified vulnerability in Jetbox ONE CMS 2.0.8 Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers to gain sensitive information. | 5.0 |
2004-12-31 | CVE-2004-1446 | Juniper | Denial Of Service vulnerability in Juniper Networks NetScreen SSHv1 Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet. | 5.0 |
2004-12-31 | CVE-2004-1444 | Roundup Tracker | Path Traversal vulnerability in Roundup-Tracker Roundup Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. | 5.0 |
2004-12-31 | CVE-2004-1435 | Cisco | Multiple vulnerability in Cisco ONS Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK). | 5.0 |
2004-12-31 | CVE-2004-1434 | Cisco | Multiple vulnerability in Cisco ONS Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed SNMP packets. | 5.0 |
2004-12-31 | CVE-2004-1433 | Cisco | Multiple vulnerability in Cisco ONS Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packets. | 5.0 |
2004-12-31 | CVE-2004-1432 | Cisco | Multiple vulnerability in Cisco ONS Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed (1) IP or (2) ICMP packets. | 5.0 |
2004-12-31 | CVE-2004-1431 | JOE Lumbroso | Remote File Access vulnerability in Joe Lumbroso FormMail.php Arbitrary FormMail.php 5.0, and possibly other versions, allows remote attackers to read arbitrary files via a full pathname in the ar_file (auto-reply) parameter. | 5.0 |
2004-12-31 | CVE-2004-1426 | Korweblog | Remote File Include vulnerability in Korweblog 1.6.1/1.6.2Cvs Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to read arbitrary files and execute arbitrary PHP files via .. | 5.0 |
2004-12-31 | CVE-2004-1425 | Moodle | Unspecified vulnerability in Moodle Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. | 5.0 |
2004-12-31 | CVE-2004-1422 | WHM | Remote vulnerability in WHM Autopilot 2.4.5/2.4.6/2.4.6.5 WHM AutoPilot 2.4.6.5 and earlier allows remote attackers to gain sensitive information via phpinfo, which reveals php settings. | 5.0 |
2004-12-31 | CVE-2004-1415 | Ben3W | Remote SQL Injection vulnerability in 2Bgal 2.4/2.5.1 SQL injection vulnerability in (1) disp_album.php and possibly (2) disp_img.php in 2Bgal 2.4 and 2.5.1 allows remote attackers to execute arbitrary SQL commands via the id_album parameter. | 5.0 |
2004-12-31 | CVE-2004-1414 | Gadu Gadu | Denial-Of-Service vulnerability in Gadu-Gadu Instant Messenger 6.1Build156 Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of service (application hang) via a message that contains many special strings that are converted to images. | 5.0 |
2004-12-31 | CVE-2004-1413 | Kayako | Cross-Site Scripting and SQL Injection vulnerability in Kayako ESupport Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote attackers to execute arbitrary SQL commands via the (1) subcat, (2) rate, (3) questiondetails, (4) ticketkey22, (5) email22 parameters to index.php, or (6) the e-mail field of the Forgot Key feature. | 5.0 |
2004-12-31 | CVE-2004-1409 | Singapore | Remote vulnerability in Singapore Image Gallery web Application 0.9.10 Multiple cross-site scripting vulnerabilities in Image Gallery Web Application 0.9.10 allow remote attackers to inject arbitrary web script or HTML. | 5.0 |
2004-12-31 | CVE-2004-1407 | Singapore | Remote vulnerability in Singapore Image Gallery web Application 0.9.10 Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php. | 5.0 |
2004-12-31 | CVE-2004-1399 | Opentools | Remote vulnerability in Opentools Attachment Mod Directory traversal vulnerability in the Attachment module 2.3.10 and earlier for phpBB allows remote attackers to read arbitrary files via a .. | 5.0 |
2004-12-31 | CVE-2004-1395 | Monolith Productions | Remote Denial Of Service vulnerability in Monolith Productions Contract Jack, NO ONE Lives Forever 2 and Tron The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. | 5.0 |
2004-12-31 | CVE-2004-1393 | SUN | Denial Of Service vulnerability in Sun Solaris TCSetAttr System Hang Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang). | 5.0 |
2004-12-31 | CVE-2004-1392 | PHP | Unspecified vulnerability in PHP PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function. | 5.0 |
2004-12-31 | CVE-2004-1385 | Phpgroupware | Information Disclosure vulnerability in Phpgroupware phpGroupWare 0.9.16.003 and earlier allows remote attackers to gain sensitive information via (1) unexpected characters in the session ID such as shell metacharacters, (2) an invalid appname parameter to preferences.php or (3) an invalid menuaction parameter to index.php, which reveals the web server path in an error message. | 5.0 |
2004-12-31 | CVE-2004-1343 | CVS | Unspecified vulnerability in CVS CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash). | 5.0 |
2004-12-31 | CVE-2004-1200 | Mozilla | Denial Of Service vulnerability in Mozilla Firefox Infinite Array Sort Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | 5.0 |
2004-12-31 | CVE-2004-1198 | Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | 5.0 | |
2004-12-31 | CVE-2004-1186 | GNU | Multiple vulnerability in GNU Enscript 1.6.3 Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash). | 5.0 |
2004-12-31 | CVE-2004-1043 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer and Windows XP Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control (hhctrl.ocx) to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as demonstrated using "writehta.txt" and the ADODB recordset, which saves a .HTA file to the local system, aka the "HTML Help ActiveX control Cross Domain Vulnerability." | 5.0 |
2004-12-31 | CVE-2004-0931 | Mysql | Denial of Service vulnerability in MySQL MaxDB WebDBM Server Name MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function. | 5.0 |
2004-12-31 | CVE-2004-0829 | Samba | Unspecified vulnerability in Samba smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. | 5.0 |
2004-12-31 | CVE-2004-0825 | Apple | Denial of Service vulnerability in Apple mac OS X Server 10.2.8/10.3.4/10.3.5 QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. | 5.0 |
2004-12-31 | CVE-2004-0808 | Samba | Unspecified vulnerability in Samba The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. | 5.0 |
2004-12-31 | CVE-2004-0789 | Delegate Dnrd DON Moore Maradns Pliant Posadis Qbik Team Johnlong Axis | Denial Of Service vulnerability in Multiple Vendor DNS Response Flooding Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. | 5.0 |
2004-12-31 | CVE-2004-0592 | Suse | Denial-Of-Service vulnerability in Suse Linux 2.6.5 The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626. | 5.0 |
2004-12-31 | CVE-2004-0498 | Stonesoft | Denial-Of-Service vulnerability in Firewall Engine The H.323 protocol agent in StoneSoft firewall engine 2.2.8 and earlier allows remote attackers to cause a denial of service (crash) via crafted H.323 packets. | 5.0 |
2004-12-31 | CVE-2004-0467 | Juniper | Remote Denial Of Service vulnerability in Juniper Networks JUNOS Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a denial of service (routing disabled) via a large number of MPLS packets, which are not filtered or verified before being sent to the Routing Engine, which reduces the speed at which other packets are processed. | 5.0 |
2004-12-31 | CVE-2004-0465 | Openconnect | Unspecified vulnerability in Openconnect Webconnect 6.4.4/6.5 Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter. | 5.0 |
2004-12-30 | CVE-2004-1376 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Directory traversal vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote malicious FTP servers to overwrite arbitrary files via .. | 5.0 |
2004-12-29 | CVE-2004-1316 | Mozilla | Remote Heap Overflow vulnerability in Mozilla Browser Network News Transport Protocol Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated. | 5.0 |
2004-12-31 | CVE-2004-2665 | HP | Denial-Of-Service vulnerability in HP Hp-Ux 11.00/11.11/11.4 Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors. | 4.9 |
2004-12-31 | CVE-2004-2650 | Apache | Denial Of Service vulnerability in Apache James 2.2.0 Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak. | 4.9 |
2004-12-31 | CVE-2004-2730 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft products Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping. | 4.6 |
2004-12-31 | CVE-2004-2615 | Cutephp | Local Security vulnerability in Cutephp Cutenews 1.3.6 The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false news, delete news, and possibly gain privileges or have other unknown impact. | 4.6 |
2004-12-31 | CVE-2004-2611 | Steven Schaefer | Denial-Of-Service vulnerability in Sophster The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly including Sophster, FreeSophster, and FreeSophsterPAM, removes the (1) setuid, (2) setgid, and (3) sticky bits when changing a file, which might allow attackers to gain privileges or conduct other unauthorized activities. | 4.6 |
2004-12-31 | CVE-2004-2610 | Stefan Bambach | Local Security vulnerability in Mntd mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a remount option in the configuration file. | 4.6 |
2004-12-31 | CVE-2004-2552 | TIM Mann | Local Security vulnerability in Xboard Buffer overflow in XBoard 4.2.7 and earlier might allow local users to execute arbitrary code via a long -icshost command line argument. | 4.6 |
2004-12-31 | CVE-2004-2490 | IBM | Local Privilege Escalation vulnerability in IBM products Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.xC1 and 9.40.xC2 allows local users to execute arbitrary code via a long GL_PATH environment variable. | 4.6 |
2004-12-31 | CVE-2004-2489 | IBM | Local Privilege Escalation vulnerability in IBM Informix Format string vulnerability in IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to execute arbitrary code via a modified INFORMIXDIR environment variable that points to a file with format string specifiers in the filename. | 4.6 |
2004-12-31 | CVE-2004-2481 | Myproxy | Local Security vulnerability in Myproxy 6.58 MyProxy 6.58 allows remote authenticated users in the Users Tab to connect to arbitrary hosts from the MyProxy server, possibly bypassing access restrictions, by connecting to the proxy and issuing a CONNECT command. | 4.6 |
2004-12-31 | CVE-2004-2462 | Cplay | Symbolic Link vulnerability in Cplay 1.49 cplay 1.49 on Linux allows local users to overwrite arbitrary files via a symlink attack on the cplay_control temporary file. | 4.6 |
2004-12-31 | CVE-2004-2306 | SUN | Unspecified vulnerability in SUN Solaris and Sunos Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection. | 4.6 |
2004-12-31 | CVE-2004-2229 | Oracle | Multiple Unspecified vulnerability in Oracle9i Lite Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. | 4.6 |
2004-12-31 | CVE-2004-2215 | Marc Lehmann | Unspecified vulnerability in Marc Lehmann Rxvt-Unicode 3.4/3.5 RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges. | 4.6 |
2004-12-31 | CVE-2004-2176 | Microsoft | Unspecified vulnerability in Microsoft Windows XP The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls. | 4.6 |
2004-12-31 | CVE-2004-2126 | ISS | Unspecified vulnerability in ISS Blackice PC Protection The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers. | 4.6 |
2004-12-31 | CVE-2004-2125 | ISS | Local Buffer Overrun vulnerability in Internet Security Systems BlackICE PC Protection blackd.exe Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value. | 4.6 |
2004-12-31 | CVE-2004-2050 | Esesix | Multiple vulnerability in eSeSIX Thintune Thin Client Devices eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow local users to gain privileges by pressing CTRL-SHIFT-ALT-DEL and entering the "maertsJ" password, which is hard-coded into lshell. | 4.6 |
2004-12-31 | CVE-2004-2049 | Esesix | Multiple vulnerability in eSeSIX Thintune Thin Client Devices eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain access. | 4.6 |
2004-12-31 | CVE-2004-1781 | Info Touch | Denial Of Service vulnerability in Info Touch Surfnet 1.31 Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating system via the CMD_CREDITCARD_CHARGE command. | 4.6 |
2004-12-31 | CVE-2004-1780 | Info Touch | Unspecified vulnerability in Info Touch Surfnet 1.31 Info Touch Surfnet kiosk allows local users to deposit extra time into Internet kiosk accounts via repeated authentication attempts. | 4.6 |
2004-12-31 | CVE-2004-1772 | GNU | Buffer Overflow vulnerability in GNU Sharutils 4.2/4.2.1 Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument. | 4.6 |
2004-12-31 | CVE-2004-1757 | BEA | Unspecified vulnerability in BEA Weblogic Server 6.1/7.0/8.1 BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext in config.xml, which allows local users to gain privileges. | 4.6 |
2004-12-31 | CVE-2004-1520 | Ipswitch | Remote Buffer Overflow vulnerability in Ipswitch Imail 8.13 Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command. | 4.6 |
2004-12-31 | CVE-2004-1518 | Phorum | SQL Injection vulnerability in Phorum FOLLOW.PHP SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier allows remote authenticated users to execute arbitrary SQL command via the forum_id parameter. | 4.6 |
2004-12-31 | CVE-2004-1497 | Minihttpserver NET | Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges. | 4.6 |
2004-12-31 | CVE-2004-1448 | Jetbox | Remote Server-Side Script Execution vulnerability in Jetbox ONE CMS 2.0.8 Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to upload PHP files and execute arbitrary code. | 4.6 |
2004-12-31 | CVE-2004-1398 | Roxio | Local Format String vulnerability in Roxio Toast TDIXSupport Format string vulnerability in prelink.c in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via format string specifiers in the extension argument. | 4.6 |
2004-12-31 | CVE-2004-1394 | SUN | Unspecified vulnerability in SUN Solaris and Sunos The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges. | 4.6 |
2004-12-31 | CVE-2004-1391 | QNX | Local Command Execution vulnerability in QNX Rtos and RTP Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program. | 4.6 |
2004-12-31 | CVE-2004-0997 | Linux | Local Privilege Escalation vulnerability in Linux Kernel MIPS Ptrace Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors. | 4.6 |
2004-12-31 | CVE-2004-0979 | Microsoft | Unspecified vulnerability in Microsoft IE, Internet Explorer and Windows XP Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration. | 4.6 |
2004-12-31 | CVE-2004-0919 | Freebsd | Unspecified vulnerability in Freebsd The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via (1) negative coordinates or (2) large coordinates. | 4.6 |
2004-12-31 | CVE-2004-0913 | Ecartis | Remote Undisclosed Privilege Escalation vulnerability in Ecartis Unknown vulnerability in ecartis 0.x before 0.129a+1.0.0-snap20020514-1.3 and 1.x before 1.0.0+cvs.20030911-8 allows attackers in the same domain to gain administrator privileges and modify configuration. | 4.6 |
2004-12-31 | CVE-2004-0907 | Mozilla | Unspecified vulnerability in Mozilla and Thunderbird The Linux install .tar.gz archives for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8, create certain files with insecure permissions, which could allow local users to overwrite those files and execute arbitrary code. | 4.6 |
2004-12-31 | CVE-2004-0906 | Mozilla | Unspecified vulnerability in Mozilla and Thunderbird The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code. | 4.6 |
2004-12-31 | CVE-2004-2731 | Linux | Numeric Errors vulnerability in Linux Kernel Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function. | 4.4 |
2004-12-31 | CVE-2004-2729 | Hummingbird | Permissions, Privileges, and Access Controls vulnerability in Hummingbird Connectivity 7.1/9.0 Inetd32 Administration Tool of Hummingbird Connectivity 7.1 and 9.0 allows local users to execute arbitrary code by changing the program for handling incoming connections. | 4.4 |
2005-01-01 | CVE-2005-0266 | Sugarcrm | Cross-Site Scripting vulnerability in SugarCRM Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the (1) return_module, (2) return_action, (3) name, (4) module, or (5) record parameter. | 4.3 |
2004-12-31 | CVE-2004-2757 | Novell | Cross-Site Scripting vulnerability in Novell Ichain 2.1/2.2 Cross-site scripting (XSS) vulnerability in the failed login page in Novell iChain before 2.2 build 2.2.113 and 2.3 First Customer Ship (FCS) allows remote attackers to inject arbitrary web script or HTML via url parameter. | 4.3 |
2004-12-31 | CVE-2004-2756 | Xoops | Cross-Site Scripting vulnerability in Xoops Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the (1) forum and (2) topic_id parameters. | 4.3 |
2004-12-31 | CVE-2004-2755 | Symantec | Cross-Site Scripting vulnerability in Symantec web Security 2.5/3.0/3.0.1 Cross-site scripting (XSS) vulnerability in Symantec Web Security 2.5, 3.0.0, and 3.0.1 before build 62 allows remote attackers to inject arbitrary web script or HTML via the query string in blocked URLs that are listed in (1) error or (2) block page messages. | 4.3 |
2004-12-31 | CVE-2004-2752 | Postnuke Software Foundation | Cross-Site Scripting vulnerability in Postnuke Software Foundation Postnuke 0.726 Cross-site scripting (XSS) vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action. | 4.3 |
2004-12-31 | CVE-2004-2749 | 2Wire | Path Traversal vulnerability in 2Wire Homeportal Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. | 4.3 |
2004-12-31 | CVE-2004-2748 | Webtrends | Information Exposure vulnerability in Webtrends Reporting Center 6.1A viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers to determine the installation path via an invalid profileid parameter, which leaks the pathname in an error message. | 4.3 |
2004-12-31 | CVE-2004-2742 | Businessobjects | Cross-Site Scripting vulnerability in Businessobjects Crystal Enterprise 10/8.5/9 Cross-site scripting (XSS) vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote attackers to inject arbitrary web script or HTML via script in the URL to a report (RPT) file. | 4.3 |
2004-12-31 | CVE-2004-2741 | Horde | Cross-Site Scripting vulnerability in Horde Application Framework Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) module, (2) topic, or (3) module parameters. | 4.3 |
2004-12-31 | CVE-2004-2740 | Phprojekt | Code Injection vulnerability in PHProjekt PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and earlier allows remote attackers to include arbitrary PHP code via a URL in the path_pre parameter. | 4.3 |
2004-12-31 | CVE-2004-2738 | Zeroboard | Cross-Site Scripting vulnerability in Zeroboard 4.1Pl2/4.1Pl3/4.1Pl4 Cross-site scripting (XSS) vulnerability in check_user_id.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the user_id parameter. | 4.3 |
2004-12-31 | CVE-2004-2735 | Fredric Fredricson | Cross-Site Scripting vulnerability in Fredric Fredricson P4Db Cross-site scripting (XSS) vulnerability in P4DB 2.01 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) SET_PREFERENCES parameter in SetPreferences.cgi; (2) BRANCH parameter in branchView.cgi; (3) FSPC and (4) COMPLETE parameters in changeByUsers.cgi; (5) FSPC, (6) LABEL, (7) EXLABEL, (8) STATUS, (9) MAXCH, (10) FIRSTCH, (11) CHOFFSETDISP, (12) SEARCHDESC, (13) SEARCH_INVERT, (14) USER, (15) GROUP, and (16) CLIENT parameters in changeList.cgi; (17) CH parameter in changeView.cgi; (18) USER parameter in clientList.cgi; (19) CLIENT parameter in clientView.cgi; (20) FSPC parameter in depotTreeBrowser.cgi; (21) FSPC parameter in depotStats.cgi; (22) FSPC, (23) REV, (24) ACT, (25) FSPC2, (26) REV2, (27) CH, and (28) CONTEXT parameters in fileDiffView.cgi; (29) FSPC and (30) REV parameters in fileDownLoad.cgi; (31) FSPC, (32) LISTLAB, and (33) SHOWBRANCH parameters in fileLogView.cgi; (34) FSPC and (35) LABEL parameters in fileSearch.cgi; (36) FSPC, (37) REV, and (38) FORCE parameters in fileViewer.cgi; (39) FSPC parameter in filesChangedSince.cgi; (40) GROUP parameter in groupView.cgi; (41) TYPE, (42) FSPC, and (43) REV parameters in htmlFileView.cgi; (44) CMD parameter in javaDataView.cgi; (45) JOBVIEW and (46) FLD parameters in jobList.cgi; (47) JOB parameter in jobView.cgi; (48) LABEL1 and (49) LABEL2 parameters in labelDiffView.cgi; (50) LABEL parameter in labelView.cgi; (51) FSPC parameter in searchPattern.cgi; (52) TYPE, (53) FSPC, and (54) REV parameters in specialFileView.cgi; (55) GROUPSONLY parameter in userList.cgi; or (56) USER parameter in userView.cgi. | 4.3 |
2004-12-31 | CVE-2004-2732 | Netbilling | OS Command Injection vulnerability in Netbilling 2.0 nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain sensitive information via the cmd=test option, which can be leveraged to determine the access key. | 4.3 |
2004-12-31 | CVE-2004-2727 | Mailenable | Buffer Errors vulnerability in Mailenable 1.5/1.6/1.7 Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request. | 4.3 |
2004-12-31 | CVE-2004-2725 | Aztek Forum | Cross-Site Scripting vulnerability in Aztek Forum Aztek Forum 4.0 Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in (c) forum_2.php. | 4.3 |
2004-12-31 | CVE-2004-2721 | Heiko Stamer | Cryptographic Issues vulnerability in Heiko Stamer Openskat The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key and decrypt messages. | 4.3 |
2004-12-31 | CVE-2004-2720 | Snitz Communications | Cross-Site Scripting vulnerability in Snitz Communications Snitz Forums 2000 Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter. | 4.3 |
2004-12-31 | CVE-2004-2718 | PHP Heaven | Permissions, Privileges, and Access Controls vulnerability in PHP Heaven PHPmychat 0.14.5 PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request. | 4.3 |
2004-12-31 | CVE-2004-2704 | Hastymail Microsoft | Cross-Site Scripting vulnerability in multiple products Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link, which facilitates cross-site scripting (XSS) and possibly other attacks. | 4.3 |
2004-12-31 | CVE-2004-2703 | Clearswift | Cryptographic Issues vulnerability in Clearswift products Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to be marked as "Clean" instead of "Encrypted". | 4.3 |
2004-12-31 | CVE-2004-2702 | Swsoft | Cross-Site Scripting vulnerability in Swsoft Plesk 7.0/7.1 Cross-site scripting (XSS) vulnerability in login_up.php3 in Plesk 7.0 and 7.1 Reloaded allows remote attackers to inject arbitrary web script or HTML via the login_name parameter. | 4.3 |
2004-12-31 | CVE-2004-2701 | Aspdotnetstorefront | Cross-Site Scripting vulnerability in Aspdotnetstorefront 3.3 Cross-site scripting (XSS) vulnerability in signin.aspx for AspDotNetStorefront 3.3 allows remote attackers to inject arbitrary web script or HTML via the returnurl parameter. | 4.3 |
2004-12-31 | CVE-2004-2699 | Aspdotnetstorefront | Permissions, Privileges, and Access Controls vulnerability in Aspdotnetstorefront 3.3 deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter. | 4.3 |
2004-12-31 | CVE-2004-2688 | Newsphp | Cross-Site Scripting vulnerability in Newsphp Cross-site scripting (XSS) vulnerability in index.php in NewsPHP allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter. | 4.3 |
2004-12-31 | CVE-2004-2656 | Open Source Development Network | Security vulnerability in Open Source Development Network Slashcode 2.2.5 Multiple cross-site scripting (XSS) vulnerabilities in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) before R_2_5_0_41 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in search.pl and (2) the filter parameter in submit.pl. | 4.3 |
2004-12-31 | CVE-2004-2651 | Michael Christen | Cross-Site Scripting vulnerability in YACY Peer-To-Peer Search Engine Multiple cross-site scripting (XSS) vulnerabilities in YaCy before 0.32 allow remote attackers to inject arbitrary web script or HTML via the (1) urlmaskfilter parameter to index.html or the (2) page parameter to Wiki.html. | 4.3 |
2004-12-31 | CVE-2004-2624 | Wackowiki | Cross-Site Scripting vulnerability in Wackowiki R3/R3.5 Cross-site scripting (XSS) vulnerability in "TextSearch" in WackoWiki 3.5 allows remote attackers to inject arbitrary web script or HTML via the "phrase" parameter. | 4.3 |
2004-12-31 | CVE-2004-2618 | Pegasi WEB Server | Input Validation vulnerability in Pegasi web Server Pegasi web Server 0.2.2 Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/' (slash). | 4.3 |
2004-12-31 | CVE-2004-2604 | Phproxy | Cross-Site Scripting vulnerability in PHProxy 0.1/0.2/0.3 Cross-site scripting (XSS) vulnerability in index.php in PHProxy allows remote attackers to inject arbitrary web script or HTML via the error parameter. | 4.3 |
2004-12-31 | CVE-2004-2603 | Ubertec | Remote vulnerability in Help Center Live Cross-site scripting (XSS) vulnerability in the Search module in UberTec Help Center Live (HCL) allows remote attackers to inject arbitrary web script or HTML via the find parameter to index.php. | 4.3 |
2004-12-31 | CVE-2004-2585 | Smartertools | Cross-Site Scripting vulnerability in Smartertools Smartermail 1.6.1511/1.6.1529 Cross-site scripting (XSS) vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the "check spelling" feature in the compose area. | 4.3 |
2004-12-31 | CVE-2004-2574 | Phpgroupware | HTML Injection vulnerability in PHPgroupware 0.9.16.000/0.9.16.002/0.9.16.003 Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to inject arbitrary web script or HTML via the date parameter in a calendar.uicalendar.planner menuaction. | 4.3 |
2004-12-31 | CVE-2004-2568 | Recipants | SQL Injection and Cross-Site Scripting vulnerability in ReciPants Multiple cross-site scripting (XSS) vulnerabilities in ReciPants 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) user id, (2) recipe id, (3) category id, and (4) other ID number fields. | 4.3 |
2004-12-31 | CVE-2004-2566 | Liveworld | Cross-Site Scripting vulnerability in Livefocusgroup Multiple cross-site scripting (XSS) vulnerabilities in LiveWorld products, possibly including (1) LiveForum, (2) LiveQ&A, (3) LiveChat, and (4) LiveFocusGroup, allow remote attackers to inject arbitrary web script or HTML via the q parameter in (a) search.jsp, (b) findclub!execute.jspa, and (c) search!execute.jspa. | 4.3 |
2004-12-31 | CVE-2004-2564 | Sambar | Multiple vulnerability in Sambar Server 6.1 Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in show.asp and (2) the title parameter in showperf.asp. | 4.3 |
2004-12-31 | CVE-2004-2550 | Xperience | Undisclosed Cross-Site Scripting vulnerability in SandSurfer Multiple cross-site scripting (XSS) vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data. | 4.3 |
2004-12-31 | CVE-2004-2548 | Netwin | Input Validation vulnerability in Netwin Surgemail and Webmail Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to inject arbitrary web script or HTML via (a) a URI containing the script, or (b) the username field in the login form. | 4.3 |
2004-12-31 | CVE-2004-2528 | Webcam Corp | Cross-Site Scripting vulnerability in Webcam Corp Webcam Watchdog 4.0.1A Cross-site scripting (XSS) vulnerability in sresult.exe in Webcam Watchdog 4.0.1a allows remote attackers to inject arbitrary web script or HTML via the cam parameter. | 4.3 |
2004-12-31 | CVE-2004-2525 | S9Y | Remote Cross-Site Scripting vulnerability in S9Y Serendipity Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable. | 4.3 |
2004-12-31 | CVE-2004-2514 | Powerportal | HTML Injection vulnerability in Powerportal 1.1B/1.3/1.3B Cross-site scripting (XSS) vulnerability in modules/private_messages/index.php in PowerPortal 1.x allows remote attackers to inject arbitrary web script or HTML via the (1) SUBJECT or (2) MESSAGE field. | 4.3 |
2004-12-31 | CVE-2004-2512 | Codeworx Technologies | Unspecified vulnerability in Codeworx Technologies Dcp-Portal CRLF injection vulnerability in calendar.php in DCP-Portal 5.3.2 and earlier allows remote attackers to conduct HTTP response splitting attacks to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the PHPSESSID parameter. | 4.3 |
2004-12-31 | CVE-2004-2511 | Codeworx Technologies | Cross-Site Scripting vulnerability in DCP-Portal Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the year, (2) month, and (3) day parameters in calendar.php; (4) the cid and (5) url parameters in index.php; (6) the cid parameter in annoucement.php; (7) the cid parameter in news.php; (8) the cid parameter in contents.php; (9) the q parameter in search.php; and (10) the country parameter in register.php. | 4.3 |
2004-12-31 | CVE-2004-2510 | Ubbcentral | Cross-Site Scripting vulnerability in UBBCentral UBB.threads Cross-site scripting (XSS) vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter. | 4.3 |
2004-12-31 | CVE-2004-2509 | Ubbcentral | Cross-Site Scripting vulnerability in Ubbcentral Ubb.Threads 6.2.3/6.5 Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter. | 4.3 |
2004-12-31 | CVE-2004-2508 | Linksys | Cross-Site Scripting vulnerability in Linksys Wvc11B 2.10 Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter. | 4.3 |
2004-12-31 | CVE-2004-2497 | Hitachi | Cross-Site Scripting and Information Disclosure vulnerability in Hitachi Web Page Generator Cross-site scripting (XSS) vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 4.3 |
2004-12-31 | CVE-2004-2494 | Code Crafters | Multiple vulnerability in Code-Crafters Ability Mail Server Cross-site scripting (XSS) vulnerability in _error in Ability Mail Server 1.18 allows remote attackers to inject arbitrary web script or HTML via the erromsg parameter. | 4.3 |
2004-12-31 | CVE-2004-2492 | Hitachi | Cross-Site Scripting And Directory Traversal vulnerability in Groupmax World Wide Web Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter. | 4.3 |
2004-12-31 | CVE-2004-2484 | PHP Gift Registry | Cross-Site Scripting vulnerability in PHP Gift Registry Cross-site scripting (XSS) vulnerability in PHP Gift Registry 1.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter to (1) event.php or (2) index.php. | 4.3 |
2004-12-31 | CVE-2004-2475 | HTML Injection vulnerability in Google Toolbar About.HTML Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. | 4.3 | |
2004-12-31 | CVE-2004-2468 | Scripts FOR Educators | Cross-Site Scripting vulnerability in Scripts for Educators Sillysearch 2.3 Cross-site scripting (XSS) vulnerability in SillySearch 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |
2004-12-31 | CVE-2004-2465 | EFS Software | Cross-Site Scripting vulnerability in EFS Software Easy Chat Server 1.2 Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | 4.3 |
2004-12-31 | CVE-2004-2447 | 1ST Class Internet Solutions | Input Validation vulnerability in 1ST Class Internet Solutions 1ST Class Mail Server 4.01 Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to (1) viewmail.tagz, (2) the index script under /user/, (3) members.tagz, (4) general.tagz, (5) advanced.tagz, or (6) list.tagz. | 4.3 |
2004-12-31 | CVE-2004-2444 | Jaws | Input Validation vulnerability in Jaws 0.3 Cross-site scripting (XSS) vulnerability in index.php in Jaws 0.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | 4.3 |
2004-12-31 | CVE-2004-2438 | PHP Fusion | SQL and HTML Injection vulnerability in PHP Fusion PHP Fusion 4.01 Cross-site scripting (XSS) vulnerability in PHP-Fusion 4.01 allows remote attackers to inject arbitrary web script or HTML via the (1) Submit News, (2) Submit Link or (3) Submit Article field. | 4.3 |
2004-12-31 | CVE-2004-2435 | Peoplesoft | Cross-Site Scripting vulnerability in Peoplesoft Hrms 7.0 Cross-site scripting (XSS) vulnerability in PeopleSoft Human Resources Management System (HRMS) 7.0, when "web enabled" using HTML Access, allows remote attackers to inject arbitrary web script or HTML via unspecified (1) debugging or (2) utility scripts. | 4.3 |
2004-12-31 | CVE-2004-2411 | Virtual Programming | Cross-Site Scripting vulnerability in Virtual Programming VP-ASP Shopping Cart Shop$DB.Asp 4.0/4.50/5.0 The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 through 5.0 does not sufficiently cleanse inputs, which allows remote attackers to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascript in IMG tags to (1) the cat parameter in shopdisplayproducts.asp or (2) the msg parameter in shoperror.asp, and possibly other vectors. | 4.3 |
2004-12-31 | CVE-2004-2402 | Yabb | Cross-Site Scripting vulnerability in YaBB YaBB.pl IMSend Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded to parameter. | 4.3 |
2004-12-31 | CVE-2004-2358 | Phpbb Group | Multiple vulnerability in PhpBB admin_words.php Cross-site scripting (XSS) vulnerability in admin_words.php for phpBB 2.0.6c allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 4.3 |
2004-12-31 | CVE-2004-2355 | Crafty Syntax Live Help | HTML Injection vulnerability in Crafty Syntax Live Help Crafty Syntax Live Help 2.7.3 Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (CSLH) before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the name field of a livehelp or chat session. | 4.3 |
2004-12-31 | CVE-2004-2352 | Martin Bauer | HTML Injection vulnerability in Martin Bauer Gbook 1.4 Cross-site scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via cookies that are stored in the $_COOKIE PHP variable, which is not cleansed by PHP-Nuke. | 4.3 |
2004-12-31 | CVE-2004-2351 | Martin Bauer | HTML Injection vulnerability in Martin Bauer Gbook 1.4 Cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) name, (2) email, (3) city, and (4) message, which do not use the <script> and <style> tags, which are filtered by PHP-Nuke. | 4.3 |
2004-12-31 | CVE-2004-2346 | Minihttpserver NET | Cross-Site Scripting vulnerability in Forum Web Server Multiple cross-site scripting (XSS) vulnerabilities in Forum Web Server 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the Subject field in post1.htm and (2) the File Description field in postfile2.htm. | 4.3 |
2004-12-31 | CVE-2004-2334 | Emumail | Multiple vulnerability in Emumail EMU Webmail 5.2.7 Multiple cross-site scripting (XSS) vulnerabilities in EMU Webmail 5.2.7 allow remote attackers to inject arbitrary web script or HTML via (1) a hex-encoded value to the variable parameter in emumail.fcgi, (2) the folder parameter in emumail.fcgi, or Javascript in the (3) username or (4) password field in the login page. | 4.3 |
2004-12-31 | CVE-2004-2332 | Cpan | HTML Injection vulnerability in Cpan WWW Form 1.12 Multiple cross-site scripting (XSS) vulnerabilities in CPAN WWW::Form before 1.13 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2004-12-31 | CVE-2004-2325 | Dotnetnuke | Multiple vulnerability in DotNetNuke Cross-site scripting (XSS) vulnerability in EditModule.aspx for DotNetNuke (formerly IBuySpy Workshop) 1.0.6 through 1.0.10d allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
2004-12-31 | CVE-2004-2310 | IBM | Cross-Site Scripting vulnerability in IBM Lotus Domino 6.5.1 Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows remote attackers to inject arbitrary web script or HTML via a Domino command in the Quick Console. | 4.3 |
2004-12-31 | CVE-2004-2308 | Cpanel | Cross-Site Scripting vulnerability in cPanel dir Parameter Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html. | 4.3 |
2004-12-31 | CVE-2004-2294 | Francisco Burzi | Input Validation vulnerability in PHP-Nuke Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leading to a cross-site scripting (XSS) vulnerability. | 4.3 |
2004-12-31 | CVE-2004-2293 | Francisco Burzi | Input Validation vulnerability in PHP-Nuke Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.0 to 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) eid parameter or (2) query parameter to the Encyclopedia module, (3) preview_review function in the Reviews module as demonstrated by the url, cover, rlanguage, and hits parameters, or (4) savecomment function in the Reviews module, as demonstrated using the uname parameter. | 4.3 |
2004-12-31 | CVE-2004-2288 | Jelsoft | Unspecified vulnerability in Jelsoft Vbulletin Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBulletin allows remote attackers to spoof parts of a website via the loc parameter. | 4.3 |
2004-12-31 | CVE-2004-2279 | Invision Power Services | Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board 1.3Final Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 Final allows remote attackers to execute arbitrary script as other users via the pop parameter in a chat action to index.php. | 4.3 |
2004-12-31 | CVE-2004-2278 | Chaogic Systems | Cross-Site Scripting vulnerability in Chaogic Systems VHost Unknown cross-site scripting (XSS) vulnerability in the web GUI in vHost before 3.10r1 has unknown impact and attack vectors. | 4.3 |
2004-12-31 | CVE-2004-2267 | Ansel | Input Validation vulnerability in Ansel Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name. | 4.3 |
2004-12-31 | CVE-2004-2261 | E107 | Script HTML Injection vulnerability in e107 Website System Cross-site scripting (XSS) vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the "login name/author" field in the (1) news submit or (2) article submit functions. | 4.3 |
2004-12-31 | CVE-2004-2246 | Goollery | Cross-Site Scripting vulnerability in Goollery 0.3 Cross-site scripting (XSS) vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversation_id parameter to viewpic.php. | 4.3 |
2004-12-31 | CVE-2004-2245 | Goollery | Cross-Site Scripting vulnerability in Goollery 0.3 Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the (1) page parameter to viewalbum.php or (2) btopage parameter to viewpic.php. | 4.3 |
2004-12-31 | CVE-2004-2242 | Phorum | Cross-Site Scripting vulnerability in Phorum 5.0.7Beta Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attackers to inject arbitrary HTML or web script via the subject parameter. | 4.3 |
2004-12-31 | CVE-2004-2241 | Phorum | Cross-Site Scripting and SQL Injection vulnerability in Phorum 5.0.11 Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. | 4.3 |
2004-12-31 | CVE-2004-2211 | Alivesites | Remote Input Validation vulnerability in Alivesites Forum 2.0 Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) forum_id, (2) method, or (3) forum_title parameters to post.asp, (4) the forum_title parameter to forum.asp, or (5) the id parameter to post.asp. | 4.3 |
2004-12-31 | CVE-2004-2210 | Express WEB | Cross-Site Scripting vulnerability in Express-Web Content Management System Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a parameters to default.asp, (5) the Referer header in an HTTP request to login.asp, or (6) the email parameter to subscribe/default.asp. | 4.3 |
2004-12-31 | CVE-2004-2207 | Ideal Science | Remote Input Validation vulnerability in Ideal Science IdealBB Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2004-12-31 | CVE-2004-2200 | Duware | Remote vulnerability in DUware Software Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via via the message text. | 4.3 |
2004-12-31 | CVE-2004-2199 | Duware | Remote vulnerability in Duware Duclassified 4.0 Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text. | 4.3 |
2004-12-31 | CVE-2004-2193 | Cjoverkill | Cross-Site Scripting vulnerability in Cjoverkill 4.0.3 Cross-site scripting (XSS) vulnerability in trade.php for CJOverkill 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the (1) tms[0] or (2) url parameters. | 4.3 |
2004-12-31 | CVE-2004-2191 | Turbotraffictrader | Input Validation vulnerability in Turbotraffictrader PHP 1.0 Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters. | 4.3 |
2004-12-31 | CVE-2004-2188 | Dmxready | Cross-Site Scripting And SQL Injection vulnerability in DMXReady Site Chassis Manager Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2004-12-31 | CVE-2004-2180 | Wowbb | Remote Input Validation vulnerability in Wowbb web Forum 1.61 Multiple cross-site scripting (XSS) vulnerabilities in WowBB Forum 1.61 allow remote attackers to inject arbitrary web script or HTML via the (1) country parameter to view_user.php, (2) show parameter to view_forum.php, (3) letter parameter to view_user.php, (4) highlight parameter to view_topic.php, (5) show parameter to index.php, (6) q parameter to search.php, (7) Referer header to admin.php, or the (8) user_email parameter to login.php. | 4.3 |
2004-12-31 | CVE-2004-2177 | Devoybb | Remote Input Validation vulnerability in Devoybb web Forum 1.0 Cross-site scripting (XSS) vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2004-12-31 | CVE-2004-2174 | Early Impact | Multiple vulnerability in EarlyImpact ProductCart Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbitrary Javascript via the redirectUrl parameter. | 4.3 |
2004-12-31 | CVE-2004-2171 | Cherokee | Cross-Site Scripting vulnerability in Cherokee Error Page Cross-site scripting (XSS) vulnerability in Cherokee before 0.4.8 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting error page. | 4.3 |
2004-12-31 | CVE-2004-2162 | Tutos | Remote Input Validation vulnerability in Tutos 1.120040414 Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to inject arbitrary web script or HTML via (1) the search field of the Address Module or (2) the t parameter to app_new.php. | 4.3 |
2004-12-31 | CVE-2004-2157 | S9Y | Input Validation vulnerability in S9Y Serendipity 0.7Beta1 Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field. | 4.3 |
2004-12-31 | CVE-2004-2152 | Mediawiki | Cross-Site Scripting vulnerability in MediaWiki Raw Page Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
2004-12-31 | CVE-2004-2123 | Nextplace | Cross-Site Scripting vulnerability in E-Commerce Asp Engine Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com E-Commerce ASP Engine allow remote attackers to inject arbitrary web script or HTML via the (1) level parameter of productdetail.asp, (2) searchKey parameter of searchresults.asp, and possibly (3) level parameter of ListCategories.asp. | 4.3 |
2004-12-31 | CVE-2004-2113 | Herberlin | Cross-Site Scripting vulnerability in Herberlin Bremsserver 1.2.4 Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL. | 4.3 |
2004-12-31 | CVE-2004-2103 | Novell | Cross-Site Scripting vulnerability in Novell Netware 5.1/6.0 Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename. | 4.3 |
2004-12-31 | CVE-2004-2102 | Freesco | Cross-Site Scripting vulnerability in FREESCO Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified version of thttpd, allows remote attackers to inject arbitrary web script or HTML via the test parameter. | 4.3 |
2004-12-31 | CVE-2004-2098 | Native Solutions | Unspecified vulnerability in Native Solutions TBE Banner Engine 4.0/5.0 Cross-site scripting (XSS) vulnerability in the banner engine (TBE) 5.0 allows remote attackers to execute arbitrary script as other users via the HTML banner view/preview capability. | 4.3 |
2004-12-31 | CVE-2004-2096 | Mephistoles Internet Suite | Cross-Site Scripting vulnerability in Mephistoles Internet Suite Mephistoles Httpd 0.6Final/0.6P1/0.6P2 Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL. | 4.3 |
2004-12-31 | CVE-2004-2094 | Darkwet | Cross-Site Scripting vulnerability in Darkwet Webcam XP 1.6.945 Cross-site scripting (XSS) vulnerability in WebcamXP 1.06.945 allows remote attackers to inject arbitrary HTML or web script as other users via a URL that contains the script. | 4.3 |
2004-12-31 | CVE-2004-2076 | Jelsoft | Cross-Site Scripting vulnerability in Jelsoft Vbulletin 3.0.0Rc4 Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBulletin 3.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | 4.3 |
2004-12-31 | CVE-2004-2063 | Antiboard | Input Validation vulnerability in AntiBoard Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to inject arbitrary HTML or web script via the feedback parameter. | 4.3 |
2004-12-31 | CVE-2004-2020 | Francisco Burzi | Input Validation vulnerability in PHP-Nuke Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x through 7.3 allow remote attackers to inject arbitrary HTML or web script into the (1) optionbox parameter in the News module, (2) date parameter in the Statistics module, (3) year, month, and month_1 parameters in the Stories_Archive module, (4) mode, order, and thold parameters in the Surveys module, or (5) a SQL statement to index.php, as processed by mainfile.php. | 4.3 |
2004-12-31 | CVE-2004-2017 | Turbotraffictrader | Cross-Site Scripting and HTML Injection vulnerability in Turbotraffictrader C 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to ttt-out, (2) the X-Forwarded-For header in a GET request to ttt-in, (3) the Referer header in a GET request to ttt-in, or the (4) site name or (5) site URL fields in the main control panel. | 4.3 |
2004-12-31 | CVE-2004-2015 | Webct | HTML Injection vulnerability in WebCT Campus Edition HTML Tags Cross-site scripting (XSS) vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via (1) iframe, (2) img, or (3) object tags. | 4.3 |
2004-12-31 | CVE-2004-1960 | Protector System | Unspecified vulnerability in Protector System Protector System 1.15B1 Cross-site scripting (XSS) vulnerability in blocker_query.php in Protector System 1.15b1 allows remote attackers to inject arbitrary web script or HTML via the (1) target or (2) portNum parameters. | 4.3 |
2004-12-31 | CVE-2004-1913 | Francisco Burzi Shiba Design | Multiple vulnerability in NukeCalendar Cross-site scripting (XSS) vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to inject arbitrary web script or HTML via the eid parameter. | 4.3 |
2004-12-31 | CVE-2004-1911 | Azerbaijan Development Group | Cross-Site Scripting vulnerability in Azerbaijan Development Group Azdgdating 2.1.1 Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php. | 4.3 |
2004-12-31 | CVE-2004-1882 | Cactusoft | Cross-Site Scripting vulnerability in CactuSoft Cactushop 5.0/5.1 Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in CactuShop 5.x allows remote attackers to inject arbitrary web script or HTML via the strImageTag parameter. | 4.3 |
2004-12-31 | CVE-2004-1879 | Phpkit | HTML Injection vulnerability in PHPkit 1.6.03 Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows allows remote attackers to inject arbitrary web script or HTML via forum messages. | 4.3 |
2004-12-31 | CVE-2004-1867 | WEB Fresh | HTML Injection vulnerability in Web Fresh Fresh Guest Book 1.0/2.0/2.1 Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest Book allows remote attackers to inject arbitrary web script or HTML via the Name field. | 4.3 |
2004-12-31 | CVE-2004-1863 | XMB Forum | Cross-Site Scripting vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow remote attackers to inject arbitrary web script or HTML via (1) the u2uheader parameter in editprofile.php, the restrict parameter in (2) member.php, (3) misc.php, and (4) today.php, and (5) an arbitrary parameter in phpinfo.php. | 4.3 |
2004-12-31 | CVE-2004-1845 | Expinion NET | Multiple vulnerability in Expinion.Net News Manager Lite 2.5 Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to category_news_headline.asp. | 4.3 |
2004-12-31 | CVE-2004-1844 | Expinion NET | Cross-Site Scripting vulnerability in Expinion.net Member Management System Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the err parameter to error.asp or (2) register.asp. | 4.3 |
2004-12-31 | CVE-2004-1837 | Joel Palmius | HTML Injection vulnerability in Joel Palmius Mod_Survey Survey Input Field Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey fields or error messages for malformed query strings. | 4.3 |
2004-12-31 | CVE-2004-1824 | Jelsoft | Cross-Site Scripting vulnerability in VBulletin Memberlist.PHP Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3.0 allows remote attackers to inject arbitrary web script or HTML via the what parameter to memberlist.php. | 4.3 |
2004-12-31 | CVE-2004-1823 | Jelsoft | Cross-Site Scripting vulnerability in Jelsoft Vbulletin 3.0.0/3.0.0Can4 Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBulletin 2.0 beta 3 through 3.0 can4 allows remote attackers to inject arbitrary web script or HTML via the (1) page parameter to showthread.php or (2) order parameter to forumdisplay.php. | 4.3 |
2004-12-31 | CVE-2004-1809 | Phpbb Group | Cross-Site Scripting vulnerability in PHPBB Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) postdays parameter to viewtopic.php or (2) topicdays parameter to viewforum.php. | 4.3 |
2004-12-31 | CVE-2004-1807 | Dogpatch Software | Cross-Site Scripting vulnerability in Dogpatch Software Cfwebstore 5.0 Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL. | 4.3 |
2004-12-31 | CVE-2004-1797 | Freznoshop | Cross-Site Scripting vulnerability in FreznoShop Search Script Cross-site scripting (XSS) vulnerability in search.php for FreznoShop 1.3.0 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |
2004-12-31 | CVE-2004-1794 | Vcard4J | HTML Injection vulnerability in VCard4J Toolkit Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard. | 4.3 |
2004-12-31 | CVE-2004-1790 | Edimax | Cross-Site Scripting vulnerability in Edimax Full Rate Adsl Router Ar6004 Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL. | 4.3 |
2004-12-31 | CVE-2004-1789 | Zyxel | Cross-Site Scripting vulnerability in ZyXEL ZyWALL 10 Management Interface Cross-site scripting (XSS) vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth_1 page. | 4.3 |
2004-12-31 | CVE-2004-1779 | Thwboard | Cross-Site Scripting vulnerability in ThWboard board.php Cross-site scripting (XSS) vulnerability in board.php for ThWboard before beta 2.84 allows remote attackers to inject arbitrary web script or HTML via the lastvisited parameter. | 4.3 |
2004-12-31 | CVE-2004-1747 | Network Everywhere | HTML Injection vulnerability in Network Everywhere Nr041 1.2Release03 Cross-site scripting (XSS) vulnerability in NetworkEverywhere NR041 running firmware 1.2 Release 03 allows remote attackers to inject arbitrary web script or HTML via the DHCP HOSTNAME option. | 4.3 |
2004-12-31 | CVE-2004-1746 | PHP Code Snippet Library | Cross-Site Scripting vulnerability in PHP Code Snippet Library PHP Code Snippet Library 0.8 Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the (1) cat_select or (2) show parameters. | 4.3 |
2004-12-31 | CVE-2004-1738 | Jshop E Commerce | Cross-Site Scripting vulnerability in Jshop E-Commerce Jshop Server 1.2 Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter. | 4.3 |
2004-12-31 | CVE-2004-1730 | Mantis | Cross-Site Scripting vulnerability in Mantis Cross-site scripting (XSS) vulnerability in Mantis bugtracker allows remote attackers to inject arbitrary web script or HTML via (1) the return parameter to login_page.php, (2) e-mail field in signup.php, (3) action parameter to login_select_proj_page.php, or (4) hide_status parameter to view_all_set.php. | 4.3 |
2004-12-31 | CVE-2004-1593 | SCT Corporation | Cross-Site Scripting vulnerability in SCT Campus Pipeline Render.UserLayoutRootNode.uP Cross-site scripting (XSS) vulnerability in render.UserLayoutRootNode.uP in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via the utf parameter. | 4.3 |
2004-12-31 | CVE-2004-1589 | Gosmart | Input Validation vulnerability in Go Smart Inc GoSmart Message Board Cross-site scripting (XSS) vulnerability in GoSmart Message Board allows remote attackers to execute inject web script or HTML via the (1) Category parameter to Forum.asp or (2) MainMessageID parameter to ReplyToQuestion.asp. | 4.3 |
2004-12-31 | CVE-2004-1578 | Invision Power Services | Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board 2.0.0 Cross-site scripting (XSS) vulnerability in index.php in Invision Power Board 2.0.0 allows remote attackers to execute arbitrary web script or HTML via the Referer field in the HTTP header. | 4.3 |
2004-12-31 | CVE-2004-1566 | Silent Storm | Input Validation vulnerability in Silent-Storm Portal 2.1/2.2 Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to execute arbitrary web script or HTML via the module parameter. | 4.3 |
2004-12-31 | CVE-2004-1563 | W Agora | Remote Input Validation vulnerability in W-Agora 4.1.6A Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a allow remote attackers to execute arbitrary web script or HTML via the (1) thread parameter to download_thread.php, (2) loginuser parameter to login.php, or (3) userid parameter to forgot_password.php. | 4.3 |
2004-12-31 | CVE-2004-1559 | Wordpress | Cross-Site Scripting vulnerability in Wordpress 1.2 Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php. | 4.3 |
2004-12-31 | CVE-2004-1551 | PHP Arena | Cross-Site Scripting vulnerability in PHP Arena Pafiledb 3.1 Cross-site scripting (XSS) vulnerability in the (1) email or (2) file modules in paFileDB 3.1 Final allows remote attackers to execute arbitrary web script or HTML via the id parameter. | 4.3 |
2004-12-31 | CVE-2004-1544 | Jspwiki | Cross-Site Scripting vulnerability in Jspwiki 2.1.120/2.1.121/2.1.122 Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and earlier allows remote attackers to execute arbitrary web script as other users via the query parameter. | 4.3 |
2004-12-31 | CVE-2004-1537 | Phpkit | Input Validation vulnerability in PHPkit 1.6.02/1.6.03/1.6.1 Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter. | 4.3 |
2004-12-31 | CVE-2004-1529 | ROB Sutton | Remote vulnerability in ROB Sutton PHP-Nuke Event Calendar 2.13 Cross-site scripting (XSS) vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary web script via the (1) type, (2) day, (3) month, or (4) year parameters in a Preview operation, or (5) event comments. | 4.3 |
2004-12-31 | CVE-2004-1512 | Soft3304 | Remote vulnerability in Soft3304 04Webserver 1.42 Cross-site scripting (XSS) vulnerability in Response_default.html in 04WebServer 1.42 allows remote attackers to execute arbitrary web script or HTML via script code in the URL, which is not quoted in the resulting default error page. | 4.3 |
2004-12-31 | CVE-2004-1506 | Webcalendar | Remote vulnerability in WebCalendar Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script via (1) view_entry.php, (2) view_d.php, (3) usersel.php, (4) datesel.php, (5) trailer.php, or (6) styles.php, as demonstrated using img srg tags. | 4.3 |
2004-12-31 | CVE-2004-1499 | Webhost Automation | Input Validation vulnerability in WebHost Automation Helm Control Panel Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field. | 4.3 |
2004-12-31 | CVE-2004-1477 | Macromedia | Remote vulnerability in Macromedia Jrun 3.0/3.1/4.0 Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attackers to execute arbitrary web script or HTML and possibly hijack a user's session. | 4.3 |
2004-12-31 | CVE-2004-1467 | Egroupware | Input Validation vulnerability in Egroupware 1.0/1.0.1/1.0.3 Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) date or search text field in the calendar module, (2) Field parameter, Filter parameter, QField parameter, Start parameter or Search field in the address module, (3) Subject field in the message module or (4) Subject field in the Ticket module. | 4.3 |
2004-12-31 | CVE-2004-1443 | Horde | HTML Injection vulnerability in Horde IMP HTML+TIME Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging Program) 3.2.4 and earlier, when used with Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via an e-mail message. | 4.3 |
2004-12-31 | CVE-2004-1442 | IBM | Cross-Site Scripting vulnerability in IBM Net.Data 7.0/7.2 Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error messages such as "DTWP001E." | 4.3 |
2004-12-31 | CVE-2004-1424 | Moodle | Cross-Site Scripting vulnerability in Moodle Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |
2004-12-31 | CVE-2004-1420 | WHM | Remote vulnerability in WHM Autopilot 2.4.5/2.4.6/2.4.6.5 Multiple cross-site scripting (XSS) vulnerabilities in header.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) site_title or (2) http_images parameter. | 4.3 |
2004-12-31 | CVE-2004-1418 | Wirtualna Polska | Remote Script Execution vulnerability in Wirtualna Polska WPKontakt Cross-site scripting (XSS) vulnerability in WPKontakt 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an e-mail address, which is not quoted when a parsing error is generated. | 4.3 |
2004-12-31 | CVE-2004-1412 | Kayako | Cross-Site Scripting and SQL Injection vulnerability in Kayako ESupport Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter. | 4.3 |
2004-12-31 | CVE-2004-1410 | Gadu Gadu | Remote Input Validation And Denial Of Service vulnerability in Gadu-Gadu Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229. | 4.3 |
2004-12-31 | CVE-2004-1397 | Usemod | Cross-Site Scripting vulnerability in UseModWiki Wiki.PL Cross-site scripting (XSS) vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via an argument to wiki.pl. | 4.3 |
2004-12-31 | CVE-2004-1384 | Phpgroupware | Cross-Site Scripting and SQL Injection vulnerability in PHPGroupWare Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) kp3, (2) type, (3) msg, (4) forum_id, (5) pos, (6) cats_app, (7) cat_id, (8) msgball[msgnum], (9) fldball[acctnum] parameters to index.php or (10) ticket_id to viewticket_details.php. | 4.3 |
2004-12-31 | CVE-2004-1156 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Mozilla Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | 4.3 |
2004-12-31 | CVE-2004-1146 | Cvstrac | Cross-Site Scripting vulnerability in CVSTrac Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and (2) login.c for CVSTrac before 1.1.5 allow remote attackers to inject arbitrary HTML and web script. | 4.3 |
2004-12-28 | CVE-2004-1062 | Viewcvs | Unspecified vulnerability in Viewcvs 0.9.2 Multiple cross-site scripting (XSS) vulnerabilities in ViewCVS 0.9.2 allow remote attackers to inject arbitrary HTML and web script via certain error messages. | 4.3 |
2004-12-31 | CVE-2004-2747 | Pablo Software Solutions | Path Traversal vulnerability in Pablo Software Solutions Quick N Easy FTP Server 1.77 Directory traversal vulnerability in Pablo Software Solutions Quick 'n Easy FTP Server 1.77, and possibly earlier versions, allows remote authenticated users to determine the existence of arbitrary files via a .. | 4.0 |
2004-12-31 | CVE-2004-2659 | Mozilla Opera | Race Condition vulnerability in multiple products Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. | 4.0 |
2004-12-31 | CVE-2004-2621 | Nortel | Unspecified vulnerability in Nortel Contivity Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack. | 4.0 |
2004-12-31 | CVE-2004-2584 | Smartertools | Remote Security vulnerability in Smartertools Smartermail 1.6.1511/1.6.1529 frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte ("%00"). | 4.0 |
2004-12-31 | CVE-2004-2493 | Hitachi | Cross-Site Scripting And Directory Traversal vulnerability in Hitachi products Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter. | 4.0 |
2004-12-31 | CVE-2004-1569 | Illustrate | Buffer Overflow vulnerability in Illustrate products Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via a .pls or .m3u playlist that contains long File1 (filename) fields. | 4.0 |
2004-12-31 | CVE-2004-0908 | Mozilla | Unspecified vulnerability in Mozilla and Thunderbird Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins. | 4.0 |
89 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-12-31 | CVE-2004-2643 | Microsoft | Directory Traversal vulnerability in Microsoft CABARC Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive. | 3.7 |
2004-12-31 | CVE-2004-2626 | Siemens | Unspecified vulnerability in Siemens S55 09.2179 GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message. | 3.7 |
2004-12-31 | CVE-2004-1465 | Winzip | Buffer Overflow vulnerability in WinZip Multiple buffer overflows in WinZip 9.0 and earlier may allow attackers to execute arbitrary code via multiple vectors, including the command line. | 3.7 |
2004-12-31 | CVE-2004-1445 | Nessus | Unspecified vulnerability in Nessus A race condition in nessus-adduser in Nessus 2.0.11 and possibly earlier versions, if the TMPDIR environment variable is not set, allows local users to gain privileges. | 3.7 |
2004-12-31 | CVE-2004-2408 | Vserver | Unspecified vulnerability in Vserver Linux-Vserver Linux VServer 1.27 and earlier, 1.3.9 and earlier, and 1.9.1 and earlier shares /proc permissions across all virtual and host servers, which allows local users with the ability to set permissions in /proc to obtain system information or cause a denial of service on other virtual servers or the host server. | 3.6 |
2004-12-31 | CVE-2004-2319 | IBM | Local Privilege Escalation vulnerability in IBM products IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit. | 3.6 |
2004-12-31 | CVE-2004-2311 | IBM | Directory Traversal vulnerability in IBM Lotus Domino 6.5.1 Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. | 3.6 |
2004-12-31 | CVE-2004-2303 | Mtools | Privilege Escalation vulnerability in MTools MFormat MTools Mformat before 3.9.9, when installed setuid root, creates files with world-readable and world-writable permissions, which allows local users to read and overwrite files. | 3.6 |
2004-12-31 | CVE-2004-2728 | Hummingbird | Buffer Errors vulnerability in Hummingbird Connectivity 7.1/9.0 Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command. | 3.5 |
2004-12-31 | CVE-2004-2717 | PHP Heaven | Path Traversal vulnerability in PHP Heaven PHPmychat 0.14.5 Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a .. | 2.6 |
2004-12-31 | CVE-2004-2547 | Netwin | Input Validation vulnerability in Netwin Surgemail and Webmail NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message. | 2.6 |
2004-12-31 | CVE-2004-2530 | Gadu Gadu | Visual truncation vulnerability in Gadu-Gadu allows remote attackers to spoof the file extension on transmitted files via a filename with a large number of spaces followed by the real extension, which is not displayed in the dialog box. | 2.6 |
2004-12-31 | CVE-2004-2491 | Opera | Race Condition vulnerability in Opera Browser A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks. | 2.6 |
2004-12-31 | CVE-2004-2476 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 6.0.2800 Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (infinite loop and crash) via an IFRAME with "?" as the file source. | 2.6 |
2004-12-31 | CVE-2004-2302 | Linux | Local Integer Overflow vulnerability in Linux Kernel 2.6.10 Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files. | 2.6 |
2004-12-31 | CVE-2004-2219 | Microsoft | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. | 2.6 |
2004-12-31 | CVE-2004-2014 | GNU | Unspecified vulnerability in GNU Wget Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded. | 2.6 |
2004-12-31 | CVE-2004-2011 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 6.0.2600 msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a <Ref href> link, which triggers a parsing error, possibly due to missing portions of the URI. | 2.6 |
2004-12-31 | CVE-2004-1909 | Clam Anti Virus | Remote Denial Of Service vulnerability in Clam Anti-Virus Clamav 0.65/0.67 Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm. | 2.6 |
2004-12-31 | CVE-2004-1907 | Kerio | Remote Denial Of Service vulnerability in Kerio Personal Firewall Web Filtering The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of service (crash) by sending hex-encoded URLs containing "%13%12%13". | 2.6 |
2004-12-31 | CVE-2004-1753 | Mozilla Netscape | The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs. | 2.6 |
2004-12-31 | CVE-2004-1495 | Rarlab | Unspecified vulnerability in Rarlab Winrar The Repair Archive command in WinRAR 3.40 allows remote attackers to cause a denial of service (application crash) via a corrupt ZIP archive. | 2.6 |
2004-12-31 | CVE-2004-1490 | Opera | Unspecified vulnerability in Opera Browser Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers. | 2.6 |
2004-12-31 | CVE-2004-1489 | Opera | Exposure of Resource to Wrong Sphere vulnerability in Opera Browser Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory. | 2.6 |
2004-12-31 | CVE-2004-1451 | Mozilla | Remote Security vulnerability in Browser Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks. | 2.6 |
2004-12-31 | CVE-2004-1449 | Firebirdsql Mozilla | File-Upload vulnerability in Browser Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control. | 2.6 |
2004-12-31 | CVE-2004-1411 | Gadu Gadu | Remote Input Validation And Denial Of Service vulnerability in Gadu-Gadu Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters. | 2.6 |
2004-12-31 | CVE-2004-1396 | Nullsoft | Remote Denial Of Service vulnerability in Nullsoft Winamp 5.07 Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file. | 2.6 |
2004-12-31 | CVE-2004-0999 | ZGV | Remote Memory Corruption vulnerability in ZGV Image Viewer Animated GIF zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation fault) via crafted multiple-image (animated) GIF images. | 2.6 |
2004-12-31 | CVE-2004-2759 | SUN | Information Disclosure vulnerability in Sun StorEdge Sparse File Shared Sun StorEdge QFS and SAM-QFS file systems, as used in Utilization Suite 4.0 through 4.1 and Performance Suite 4.0 through 4.1, might allow local users to read portions of deleted files by accessing data within sparse files. | 2.1 |
2004-12-31 | CVE-2004-2723 | Nessus | Credentials Management vulnerability in Nessus Nessuswx 1.4.4 NessusWX 1.4.4 stores account passwords in plaintext in .session files, which allows local users to obtain passwords. | 2.1 |
2004-12-31 | CVE-2004-2684 | Intersystems | Local Security vulnerability in Intersystems Cache Database 5 Unspecified vulnerability in the %template package in InterSystems Cache' 5.0 allows attackers to access certain files on a server, including (1) cache.key and (2) cache.dat, related to .csp files under (a) Dev\studio\templates and (b) Devuser\studio\templates. | 2.1 |
2004-12-31 | CVE-2004-2683 | Intersystems | Local Security vulnerability in Intersystems Cache 5 Unspecified vulnerability in the %XML.Utils.SchemaServer class in InterSystems Cache' 5.0 allows attackers to access arbitrary files on a server. | 2.1 |
2004-12-31 | CVE-2004-2658 | Suse | Local Security vulnerability in Suse Linux 9.0 resmgr in SUSE CORE 9 does not properly identify terminal names, which allows local users to spoof terminals and login types. | 2.1 |
2004-12-31 | CVE-2004-2609 | Symantec | Unspecified vulnerability in Symantec Powerquest Deploycenter 5.5 The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuffit /f:stuffit.dat" invocations, possibly due to a buffer overflow. | 2.1 |
2004-12-31 | CVE-2004-2607 | Linux | Unspecified vulnerability in Linux Kernel A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer. | 2.1 |
2004-12-31 | CVE-2004-2605 | Astats | Local Insecure Temporary File Creation vulnerability in Astats 1.6.5 aStats 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on (1) the aStats-Graphic-Signature-Generation file and (2) certain PNG image files. | 2.1 |
2004-12-31 | CVE-2004-2599 | ID Software | Denial-Of-Service vulnerability in Quake II Server Multiple buffer overflows in Quake II server before R1Q2, as used in multiple products, allow local users to cause a denial of service (application crash) via the server console or rcon. | 2.1 |
2004-12-31 | CVE-2004-2591 | Buttuglysoftware | The data-overwrite capability of ButtUglySoftware CleanCache 2.19 does not properly overwrite data in files, which allows attackers to recover the data. | 2.1 |
2004-12-31 | CVE-2004-2569 | David Stes | Symbolic Link vulnerability in IPMenu Log File ipmenu 0.0.3 before Debian GNU/Linux ipmenu_0.0.3-5 allows local users to overwrite arbitrary files via a symlink attack on the ipmenu.log temporary file. | 2.1 |
2004-12-31 | CVE-2004-2555 | Smartstuff | Unspecified vulnerability in Smartstuff Foolproof Security 3.9/3.9.4/3.9.7 Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key. | 2.1 |
2004-12-31 | CVE-2004-2544 | Securecomputing | Information Disclosure vulnerability in Securecomputing Sidewinder G2 6.1.0.01 Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information. | 2.1 |
2004-12-31 | CVE-2004-2502 | IM Switch | Symbolic Link vulnerability in IM-Switch Insecure Temporary File Handling im-switch before 11.4-46.1 in Fedora Core 2 allows local users to overwrite arbitrary files via a symlink attack on the imswitcher[PID] temporary file. | 2.1 |
2004-12-31 | CVE-2004-2477 | Diamondcs | Unspecified vulnerability in Diamondcs Process Guard Free 2.000 DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table (SDT) in \device\physicalmemory with the original SDT found in ntoskrnl.exe. | 2.1 |
2004-12-31 | CVE-2004-2459 | GNU | Local Security vulnerability in gnubiff Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table. | 2.1 |
2004-12-31 | CVE-2004-2454 | Amsn | Information Disclosure vulnerability in Amsn 0.90 aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml. | 2.1 |
2004-12-31 | CVE-2004-2440 | Proxytunnel | Local Proxy Credential Disclosure vulnerability in Proxytunnel 1.0.6/1.1.3 Unspecified vulnerability in cmdline.c in proxytunnel 1.1.3 and earlier allows local users to obtain proxy credentials (username or password) of other users. | 2.1 |
2004-12-31 | CVE-2004-2436 | Broadcom | Unspecified vulnerability in Broadcom products Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges. | 2.1 |
2004-12-31 | CVE-2004-2419 | Keene | Directory Traversal and Authentication Bypass vulnerability in Keene Digital Media Server Keene Digital Media Server 1.0.2 allows local users to obtain usernames and passwords by reading the dmscore.db file on the local system. | 2.1 |
2004-12-31 | CVE-2004-2414 | Novell | Unspecified vulnerability in Novell Netware 6.5 Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords. | 2.1 |
2004-12-31 | CVE-2004-2410 | Samhain Labs | Denial-Of-Service vulnerability in Samhain Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference). | 2.1 |
2004-12-31 | CVE-2004-2400 | Winftp Server | Unspecified vulnerability in Winftp Server Winftp Server 1.6 WinFTP Server 1.6 stores username and password credentials in plaintext in the data\user.wfd file, which allows local users to gain access to the credentials. | 2.1 |
2004-12-31 | CVE-2004-2398 | Netenberg | Unspecified vulnerability in Netenberg Fantastico DE Luxe 2.8 Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5. | 2.1 |
2004-12-31 | CVE-2004-2395 | Mandrakesoft | Unspecified vulnerability in Mandrakesoft products Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer. | 2.1 |
2004-12-31 | CVE-2004-2394 | Mandrakesoft | Unspecified vulnerability in Mandrakesoft products Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks. | 2.1 |
2004-12-31 | CVE-2004-2365 | Microsoft | Denial-Of-Service vulnerability in Microsoft Windows 2003 Server and Windows XP Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount. | 2.1 |
2004-12-31 | CVE-2004-2337 | Inlook | Unspecified vulnerability in Inlook The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials. | 2.1 |
2004-12-31 | CVE-2004-2321 | BEA | Unspecified vulnerability in BEA Weblogic Server 8.1 BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword. | 2.1 |
2004-12-31 | CVE-2004-2309 | Crob | Remote Information Disclosure vulnerability in Crob FTP Server 3.5.1 Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to browse outside the FTP root via multiple ../ (dot dot slash) in the DIR command. | 2.1 |
2004-12-31 | CVE-2004-2276 | F Secure | F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection. | 2.1 |
2004-12-31 | CVE-2004-2258 | Hummingbird | Unspecified vulnerability in Hummingbird Exceed 9.0 Xconfig in Hummingbird Exceed before 9.0.0.1, when the Screen Definition is password-protected, allows local users to access certain options by switching to another tab, then switching back to the original tab. | 2.1 |
2004-12-31 | CVE-2004-2230 | Openbsd | Buffer Overflow Local Denial Of Service vulnerability in Openbsd 3.4/3.5/3.6 Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. | 2.1 |
2004-12-31 | CVE-2004-2169 | A A S Application Access Server | Denial-Of-Service vulnerability in A-A-S Application Access Server A-A-S Application Access Server 1.0.37 Application Access Server (A-A-S) 1.0.37 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long file request. | 2.1 |
2004-12-31 | CVE-2004-2097 | Suse | Scripts Insecure Temporary File Handling Symbolic Link vulnerability in Suse Linux 9.0 Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd. | 2.1 |
2004-12-31 | CVE-2004-2022 | Activestate | Buffer Overflow vulnerability in Multiple Perl Implementation System Function Call ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. | 2.1 |
2004-12-31 | CVE-2004-1902 | Citrix | Unspecified vulnerability in Citrix Metaframe Password Manager 2.0 The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information. | 2.1 |
2004-12-31 | CVE-2004-1895 | Suse | Unspecified vulnerability in Suse Linux 8.2/9.0 YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies. | 2.1 |
2004-12-31 | CVE-2004-1894 | Pragma ADE | TEXutil in ConTEXt, when executed with the --silent option, allows local users to overwrite arbitrary files via a symlink attack on texutil.log. | 2.1 |
2004-12-31 | CVE-2004-1808 | Metamail Corporation | Unspecified vulnerability in Metamail Corporation Metamail 2.7 Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack. | 2.1 |
2004-12-31 | CVE-2004-1795 | Info Touch | Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI. | 2.1 |
2004-12-31 | CVE-2004-1748 | Sysinternals | Local Denial of Service vulnerability in Sysinternals Regmon NtRegmon before 6.12 allows local users to cause a denial of service (crash), while NtRegmon is running, via invalid pointers to hook functions such as ZwSetQueryValue. | 2.1 |
2004-12-31 | CVE-2004-1586 | Jera Technology | Local Security vulnerability in Jera Technology Flash Messaging Server 5.2.0G Flash Messaging clients can ignore disconnecting commands such as "shutdown" from the Flash Messaging Server 5.2.0g (rev 1.1.2), which could allow remote attackers to stay connected. | 2.1 |
2004-12-31 | CVE-2004-1500 | Freeform Interactive Monolith Productions | Remote Format String vulnerability in Monolith Lithtech Game Engine Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message. | 2.1 |
2004-12-31 | CVE-2004-1453 | GNU | Local Information Disclosure vulnerability in GNU GLibC LD_DEBUG GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. | 2.1 |
2004-12-31 | CVE-2004-1438 | Subversion | Unspecified vulnerability in Subversion The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command. | 2.1 |
2004-12-31 | CVE-2004-1387 | Apache | Local Security vulnerability in Apache Http Server 1.3.31 The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. | 2.1 |
2004-12-31 | CVE-2004-1382 | GNU | Local Security vulnerability in glibc The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968. | 2.1 |
2004-12-31 | CVE-2004-1296 | GNU | Local Security vulnerability in groff The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | 2.1 |
2004-12-31 | CVE-2004-1179 | Debian | Local Insecure Temporary File Creation vulnerability in Debian Debmake The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack on temporary directories. | 2.1 |
2004-12-31 | CVE-2004-0824 | Apple | Symbolic Link vulnerability in Apple PPPDialer Insecure Log File Creation PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. | 2.1 |
2004-12-31 | CVE-2004-0813 | IDE CD | Unspecified vulnerability in Ide-Cd Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform unauthorized write and erase operations. | 2.1 |
2004-12-31 | CVE-2004-0533 | Businessobjects | Unspecified vulnerability in Businessobjects Infoview and Webintelligence Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, which allows remote authenticated users to delete arbitrary files on the server via a crafted delete request using the InfoView web client. | 2.1 |
2004-12-31 | CVE-2004-0491 | Redhat | Local MEMLOCK RLIMIT Bypass Denial Of Service vulnerability in Redhat Enterprise Linux 3.0 The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit. | 2.1 |
2004-12-31 | CVE-2004-0462 | The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server. | 2.1 | |
2004-12-31 | CVE-2004-0325 | Typsoft | Remote CPU Consumption Denial Of Service vulnerability in Typsoft FTP Server 1.10 TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (CPU consumption) via "//../" arguments to (1) mkd, (2) xmkd, (3) dele, (4) size, (5) retr, (6) stor, (7) appe, (8) rnfr, (9) rnto, (10) rmd, or (11) xrmd, as demonstrated using "//../qwerty". | 2.1 |
2004-12-27 | CVE-2004-1377 | GNU Turbolinux | The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | 2.1 |
2004-12-31 | CVE-2004-2473 | Wmfrog | Link Following vulnerability in Wmfrog 0.1.6 wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 1.2 |
2004-12-31 | CVE-2004-2231 | Zero G | Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) persistent_state or (2) env.properties.X temporary files. | 1.2 |
2004-12-31 | CVE-2004-2648 | Faronics | Denial-Of-Service vulnerability in FreezeX FreezeX 1.00.100.0666 allows local users with administrator privileges to cause a denial of service (FreezeX application) by overwriting the db.fzx file. | 1.0 |