Windows Operating Systems Only

Vendor & Software Name | Common Name | Risk | Source |
21-6 Productions
Orbz 2.10 and prior |
21-6 Productions Orbz Password Field Buffer
Overflow |
High |
SB04-350
SB04-336
|
1st Class Internet Solutions
1st Class Mail Server 4.0 |
1st Class Mail Server Remote Buffer Overflow
|
|
SB04-077 |
1st Class Internet Solutions
1st Class Mail Server 4.01 |
1st Class Mail Server Multiple Input Validation Vulnerabilities |
Medium/ High
(High if arbitrary code can be executed)
|
SB04-105 |
2Wire, Inc.
Home Portal Series |
2Wire HomePortal Series Directory Traversal & Cross-Site Scripting |
Medium |
|
3am Labs Ltd.
RemotelyAnywhere Enterprise Edition |
Remotely Anywhere Login Message Injection |
Medium |
|
ACLogic
CesarFTP 0.98b, 0.99 g, 0.99 e |
CesarFTP Buffer Overflow |
Low/High
(High if arbitrary code can be executed)
|
SB04-252 |
ACLogic
CesarFTP 0.99 e |
CesarFTP Remote Denial of Service
|
Low |
SB04-058
CyberNotes-2004-01 |
Acme Laboratories
thttpd 2.07 beta 0.4 10dec99 |
thttpd Input Validation Error Discloses Files to Remote Users |
Medium |
SB04-231 |
Active Server Corner
ASP Calendar 1.0 |
Active Server Corner ASP Calendar Administrative Access
|
High |
SB04-357 |
ActivePost
Standard 3.0, 3.1 |
ActivePost Messenger Multiple Remote Vulnerabilities
|
Low/Medium
(Medium if sensitive information can be obtained)
|
SB04-273 |
Adobe Systems
Adobe Acrobat 5.0.5 and prior, possibly 6.0.2 |
Adobe Acrobat/Acrobat Reader ActiveX Control Buffer Overflow Vulnerability
CVE Name:
CAN-2004-0629 |
High |
SB04-259
|
Adobe Systems Inc.
Acrobat Reader 5.1 |
Acrobat Reader XFDF File Handler Remote
Buffer Overflow
CVE Name:
CAN-2004-0194
|
|
SB04-077 |
Adobe Systems Incorporated
Photoshop 8.0 |
Photoshop COM Objects Remote Denial of Service
|
Low |
SB04-105 |
Adobe
Adobe Acrobat Reader version 6.0.1 |
Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability
CVE Name:
CAN-2004-0632 |
High |
SB04-203 |
Adobe
Adobe Acrobat 6.01 and 6.02; Adobe Reader 6.01 and 6.02 |
Adobe Acrobat / Adobe Reader Disclosure of Sensitive Information |
Medium |
SB04-294 |
Agnitum
Outpost Firewall Pro 2.1
|
Agnitum Outpost Firewall Pro Can Be Crashed By Remote Users Sending a Sustained Packet Flood |
Low |
SB04-147 |
Agnitum
Outpost Firewall 1.0. 2.0 |
Outpost Firewall Local Privilege Escalation |
High |
|
Akella
Age of Sail II 1.04.151 and prior versions |
Akella Age of Sail II Buffer Overflow |
High |
SB04-308
SB04-301 |
Alan Ward
A-Cart 2.0, A-Cart PRO 2.0 |
A-Cart Multiple Remote Input Validation
|
High |
SB04-105 |
Aldo's Tools
Aldo's Web Server 1.5 |
Aldo's Web Server Multiple
Input Validation
|
Medium |
SB04-133 |
Allied Telesyn
AT-TFTP Server version 1.8 and prior |
Allied Telesyn AT-TFTP Server Arbitrary File Execution or Denial of Service
|
Low/High
(High if arbitrary code can be executed)
|
SB04-308 |
AlShare Software
NetNote Server 2.2 (build 230) |
NetNote Server Remote Denial of Service
|
Low |
SB04-322 |
Altiris
AClient Service for Windows 5.6.181; 5.6 SP1 (Hotfix E) |
Altiris AClient Service Windows Tray Icon Access Control |
Medium |
SB04-329
|
Altiris
Altiris Carbon Copy Solution 6.0.5257 |
Altiris Carbon Copy Solution Privilege Escalation |
Medium |
SB04-301 |
Altiris
Altiris Deployment Server 5.x, 6.x; 6.1sp1 and prior versions |
Altiris Deployment Server Client Authentication Hole |
High |
SB04-301 |
Alt-N
MDaemon 7.2, 6.8.0-6.8.5 |
Alt-N MDaemon Privilege Escalation
|
Medium |
SB04-336
SB04-343 |
Alt-N Technologies
MDaemon/World Client 6.52 - 6.85
|
MDaemon/ WorldClient ‘Form2Raw’ Remote
Buffer Overflow
|
|
SB04-091
CyberNotes-2004-01 |
Alt-N Technologies
MDaemon 6.5.1 |
MDaemon IMAP/SMTP Server Multiple Remote Buffer Overflows |
Low/High
(High if arbitrary code can be executed)
|
SB04-273 |
Alt-N
MDaemon 2.8-6.8.5
|
Alt-N MDaemon Remote Status Command Buffer Overflow Vulnerability |
Low/High
(High if arbitrary code can be executed)
|
SB04-147 |
altSoft
aGSM 2.35 c |
aGSM Half-Life Server Info Response Buffer Overflow |
High |
SB04-245 |
AMAX Information Technologies Inc.
Magic Winmail Server 3.6 |
Magic Winmail Server LDapLib.PHP Remote Information Disclosure |
Medium |
SB04-077 |
AMAX Information Technologies Inc.
Winmail Server 4.0 (Build 1112) |
Winmail Server 'chgpwd.php', 'domain.php', and 'user.php' Information Disclosure |
Medium |
SB04-350 |
America Online
Instant Messenger all versions |
Instant Messenger Remote Denial of Service |
Low |
|
America OnLine
Instant Messenger 4.3, 4.3.2229, 4.4-4.7, 4.7.2480, 4.8 .2646, 4.8.2616, 4.8.2790, 5.0.2938, 5.1.3036, 5.2.3292, 5.5, 5.5.3415 Beta |
AOL Instant Messenger Buddy Icon |
High |
SB04-077 |
Anteco Visual Technologies
Own Server 1.0 & prior |
OwnServer Directory Traversal |
Medium |
|
Apache Software Foundation
Apache 2.0.49 (Win32) with PHP 5.0.0 RC2 |
Apache Can Be Crashed By PHP Code |
Low |
SB04-203 |
Apache Software Foundation
Apache 0.8.11, 0.8.14, 1.0, 1.0.2, 1.0.3, 1.0.5, 1.1, 1.1.1, 1.2, 1.2.5, 1.3, 1.3.1, 1.3.3, 1.3.4, 1.3.6, 1.3.7 -dev, 1.3.9, 1.3.11, 1.3.12, 1.3.14, 1.3.17- 1.3.20, 1.3.22- 1.3.29, 2.0 a9, 2.0, 2.0.28, Beta, 2.0.32, 2.0.35, 2.0.36- 2.0.48 |
Apache Cygwin Directory Traversal |
Medium |
SB04-077 |
Apple
QuickTime prior to 6.5.2 |
|
High |
SB04-308 |
ArGo Software Design
ArGoSoft FTP Server 1.4.x |
ArGoSoft FTP Server Shortcut Upload |
Not Specified |
SB04-315 |
ArGoSoft
FTP Server 1.0,
1.2.2 .2, 1.4.1 .1- 1.4.1 .5
|
ArGoSoft FTP Server Multiple Remote Vulnerabilities
|
Low/Medium/ High
(Low if a DoS; Medium if sensitive information can be obtained; and High if arbitrary code can be executed)
|
SB04-077 |
ASP Portal
ASP Portal |
Multiple ASP Portal Vulnerabilities |
Medium/ High
(High if arbitrary code can be executed)
|
SB04-058 |
AspDotNetStorefront
AspDotNetStorefront 3.3, PRO 3.3 |
AspDotNet Storefront Multiple Vulnerabilities
|
High |
SB04-175 |
ASP-Rider
ASP-Rider |
ASP-Rider Remote SQL Injection
|
High |
SB04-357 |
ASP-Rider
ASP-Rider 1.6
|
ASP-Rider Administrative Access |
High |
SB04-175 |
Atari
Clever's Games Terminator 3: War of the Machines 1.0 |
Clever's Games Terminator 3: War of the Machines Remote Client Buffer Overflow |
|
SB04-091 |
AtHoc
AtHoc Toolbar |
AtHoc Toolbar Remote Code Execution |
High |
SB04-287 |
BEA Systems, Inc.
WebLogic Server & Express 5.1, SP1- SP13, 6.1 SP1-SP6, 7.0, SP1-SP4, 8.1, SP1 & SP2 |
WebLogic Server & Express HTTP TRACE Cross-Site Scripting
|
High |
CyberNotes-2004-03 |
BEA Systems, Inc.
WebLogic Server & Express 7.0 SP1-SP4 |
WebLogic Server & Express SSL Client Elevated Privileges |
Medium |
CyberNotes-2004-03 |
BEA Systems, Inc.
WebLogic Server & Express 8.1 (SP1 & SP2), 7.0 (SP1-SP4), 6.1 (SP1-SP6) |
WebLogic Operator/ Information Disclosure |
Medium |
CyberNotes-2004-03 |
BEA Systems, Inc.
WebLogic Server & Express 8.1, SP1 |
WebLogic Server/Express Administrator Password Disclosure |
Medium |
CyberNotes-2004-03 |
BEA Systems, Inc.
WebLogic Server & Express 8.1, SP1 |
WebLogic MBean Passwords
|
High |
CyberNotes-2004-03 |
Best Software
SalesLogix 6 |
Best Software SalesLogix Multiple Vulnerabilities |
Medium/High
(High if arbitrary code can be executed)
|
SB04-301
SB04-294 |
birdchat.sourceforge.net
Internet Chat Server 1.61 |
Bird Chat Remote Denial of Service |
Low |
SB04-245 |
Blaine R. Southam (BRS)
Web Weaver 1.07 |
WebWeaver ‘ISAPISkeleton.dll’ Cross-Site Scripting |
High |
CyberNotes-2004-03 |
Blaxxun technologies GmbH
Contact 3D |
Contact 3D Remote Buffer Overflow
|
High |
SB04-105 |
Borland
Borland Web Server / (Corel Paradox 1.0b3 & prior |
Webserver for Corel Paradox Directory Traversal |
Medium |
CyberNotes-2004-03 |
BroadBoard.com
Broadboard ASP Message Board 1.x
|
Broadboard Input Validation |
High |
SB04-273 |
Burton Tjin
Chatter Box 2.0 |
ChatterBox Remote Denial of Service
|
Low |
CyberNotes-2004-03 |
Burut Creative Team
Burut Kreed 1.5 |
Burut Kreed Game Server Multiple Remote Vulnerabilities |
Low/High
(High if arbitrary code can be executed)
|
SB04-343 |
Business Objects
Crystal Reports 10.0 |
Business Objects Crystal Reports Multiple Unspecified Vulnerabilities |
Low/ Medium
(Medium if arbitrary files can be viewed or deleted)
|
SB04-133 |
Business Objects
Crystal Reports 9, 10
Crystal Enterprise 9, 10 |
Business Objects Crystal Reports Buffer Overflow JPEG Processing |
High |
SB04-287 |
ButtUglySoftware.com
CleanCache 2.19 |
ButtUglySoftware CleanCache Fails to Delete Files |
Low
|
SB04-364 |
BYTE/400
Platinum FTPserver 1.0.18 |
Multiple PlatinumFTP Server Format String Vulnerabilities |
High |
|
Cactusoft Ltd.
Cactu Shop Lite 5.0 |
CactuShop Lite Remote Arbitrary File Deletion Backdoor |
Low |
SB04-058 |
CactuSoft
Cactu Shop 5.0 5.1 |
CactuShop Input Validation Vulnerabilities |
High |
SB04-105 |
CalaCode.com
@mail Webmail System 3.64 |
@mail Webmail System Cross-Site Scripting & Denial of Service |
Low/ High
(High if arbitrary code can be executed)
|
SB04-077 |
Caucho Technology
Resin 2.1.12
|
Resin Information & Directory Listing Disclosure |
Medium |
SB04-058 |
Cerulean Studios
Trillian 0.74i |
Trillian Remote Buffer Overflow MSN Module |
|
SB04-259 |
Chris Burge
Web Server Compieuw.1, beta 2,
Compieuw
|
DiGi WWW Server Remote Denial of Service
|
Low |
SB04-133 |
Cisco Systems
Personal Assistant 1.4(1), 1.4(2) |
Personal Assistant Authentication Bypass |
Medium |
|
Cisco Systems
Access Control Server Solution Engine, Secure Access Control Server 3.2 (3), 3.2 (2), 3.2, Secure ACS for Windows Server 3.2 |
Secure Access Control Server Multiple Remote Vulnerabilities |
Low/Medium
(Medium if authentication can be bypassed)
|
SB04-294
SB04-245 |
Cisco Systems
CNS Network Registrar 6.0-6.0.5 .4, 6.1-6.1.1 .3 |
Cisco CNS Network Registrar DNS & DHCP Server Remote Denial of Service |
Low |
SB04-343 |
Cisco
Cisco Secure Access Control Server 3.3.1 |
Cisco Secure Access Control Server EAP-TLS Authentication |
Medium |
SB04-315 |
Cisco
Cisco Security Agent (CSA) prior to 4.0.3 build 728 |
Cisco Security Agent Specially Timed Buffer Overflow |
High |
SB04-322 |
Citrix
ICA Win32 client (The ICA Win32 Web Client, ICA Win32 Program Neighborhood Client, and ICA Win32 Program Neighborhood Agent) version 8.0 and prior |
Citrix ICA Client Keystroke Monitor |
Medium |
SB04-329 |
Citrix
Meta Frame for Microsoft Windows 2000 1.8, Meta Frame for MS NT 4.0 Server Terminal Server 1.8, Meta Frame XP for Microsoft Windows 2000 1.0, 2003 1.0, XP for MS NT 4.0 Server Terminal Server 1.0, XP Presentation Server for Windows 1.0 |
MetaFrame Presentation Target User's Client Drives |
Medium |
SB04-133 |
Citrix
Meta Frame Password Manager 2.0 |
MetaFrame Failure To Encrypt Application Password |
Medium |
SB04-105 |
Citrix
MetaFrame XP for Windows |
Citrix Metaframe XP Buffer Overflow Vulnerability |
High |
SB04-364 |
Clearswift Limited
MAIL sweeper for SMTP 4.3_13 & prior |
MAILsweeper For SMTP Remote Denial of Service
|
Low |
CyberNotes-2004-03 |
Clearswift
MIMEsweeper for SMTP 5.0, 5.0.5 |
Clearswift MIMEsweeper For SMTP Remote Denial of Service |
Low |
SB04-350 |
Clearswift
MAILsweeper prior to 4.3.15 |
MAILsweeper Fails to Detect and Analyze Some Attachment Formats
CVE Names:
CAN-2003-0928
CAN-2003-0929
CAN-2003-0930 |
Medium |
SB04-231 |
Clearswift
MIMEsweeper for SMTP 5.x |
Clearswift MIMEsweeper for SMTP Encrypted Emails Misclassification |
Medium |
SB04-322 |
Clearswift
MIMEsweeper for Web prior to 5.0.4 |
MIMEsweeper for Web Directory Traversal Vulnerability |
Medium |
SB04-231 |
Code-Crafters
Ability Mail Server 1.x |
Ability Mail Server Cross-Site Scripting and Denial of Service Vulnerabilities |
High |
SB04-203 |
Code-Crafters
Ability (Mail and FTP) Server 2.3.4 |
Code-Crafters Ability Server Buffer Overflow |
High |
SB04-364
SB04-308
SB04-301
|
Code-Crafters
Ability Server 2.25-2.34 |
Ability Server 'APPE FTP' Command Buffer Overflow |
High |
SB04-357
SB04-350 |
Codemasters Software Company Limited
Colin McRae Rally 04
|
Colin McRae Rally 2004 Multiplayer Remote
Denial of Service
|
Low |
SB04-161 |
Codemasters Software Company Limited
ToCA Race Driver
|
ToCA Race Driver Multiple Remote Denial of Service
|
Medium/ Low
(Low if a DoS)
|
SB04-175 |
CoffeeCup Software
CoffeeCup Direct FTP 6.0, 6.2, CoffeeCup Free FTP 6.0, 6.2 |
CoffeeCup Direct/Free FTP ActiveX Component Remote Buffer Overflow |
High |
SB04-350
SB04-336 |
Comersus Open Technologies
Comersus Cart 5.0 991 |
Comersus Shopping Cart 'redirecturl' Input Validation |
Medium/High
(High if arbitrary code can be executed)
|
SB04-252 |
Computer Associates
Common Services 1.0, 1.1, 2.0, 2.1, 2.2, 3.0, Unicenter Network & Systems Management 3.0, Unicenter ServicePlus Service Desk 6.0 |
Computer Associates Unicenter Common Services Plaintext Password |
Medium |
SB04-280 |
Computer Associates
Control IT Advanced Edition 5.0, Enterprise Edition 5.0, 5.1, Unicenter Remote Control 5.2, Option 5.0, Option 5.1, Option German Version 5.1 |
Unicenter Remote Control & Control IT Privilege Escalation & Denial of Service
CVE Names:
CAN-2003-0996
CAN-2003-0997
CAN-2003-0998 |
Low/ Medium
(Medium if unauthorized access can be obtained) |
|
Computer Associates
eTrust EZ Antivirus 7.0, 7.0.1 .1-7.0.1.4, 7.0.1, 7.0.2 .1, 7.0.2, 7.0.3, 7.0.4 |
Computer Associates eTrust EZ Antivirus Local Insecure Default Installation
CVE Name:
CAN-2004-1149
|
Medium |
SB04-357 |
Computer Associates
eTrust EZ Antivirus prior to 7.0.2.1 |
Computer Associates eTrust EZ Antivirus Access
|
Medium |
SB04-329
|
Computer Associates
Unicenter Management Portal 2.0, 3.1 |
Unicenter Management Portal Username Disclosure |
Medium |
SB04-273 |
Computer Associates
eTrust Antivirus EE 7.0 |
eTrust Antivirus Password Protected Zip File |
High |
SB04-058 |
Computer Associates
Unicenter Remote Control English 6.0 SP1 (Build 6.0.77), GA 6.0 (6.0.56.3), QO48974 6.0 (Build 6.0.74), Unicenter Remote Control French 6.0 SP1 (Build 6.0.77), GA 6.0 (Build 6.0.74), Unicenter Remote Control German 6.0 SP1 (Build 6.0.77), GA 6.0 (Build 6.0.74) |
Computer Associates Unicenter Remote Control Remote Authentication Bypass |
High |
SB04-343 |
Crob Software Studio
Crob FTP Server 3.5.2 |
Crob FTP Server Remote Denial of Service |
Low |
SB04-058 |
Crob Software Studio
Server 3.5.1 |
Crob FTP Server Remote Directory Traversal & Remote Denial of Service
|
Low/ Medium
(Medium if sensitive information can be obtained)
|
CyberNotes-2004-03 |
Crystal Art Software
Crystal FTP Pro 2.8 |
Crystal FTP Pro Buffer Overflow |
High |
SB04-357 |
CyberStrong
eShop 4.6 |
CyberStrong eShop ASP Shopping Card Unspecified Cross-Site Scripting |
High |
SB04-294 |
Dame Ware Development LLC
Mini Remote Control Server 3.70.0.0, 3.71.0.0, 3.72.0.0 |
Mini Remote Control Buffer Overflow |
High |
|
Dame Ware Development LLC
Mini Remote Control Server 4.1.0.0 |
Mini Remote Control Server Weak Random Key Generation |
Medium |
SB04-105
SB04-091 |
Dame Ware Development LLC
Mini Remote Control Server 4.1.0.0 LLC
|
DameWare Mini Remote Control Server Clear Text Encryption Key Disclosure |
Medium |
SB04-105
SB04-091 |
Dame Ware Development LLC
Mini Remote Control Server 3.70 .0.0- 3.73.0.0, 4.0 |
Mini Remote Control Server Weak Encryption Implementation & Weak Random Key Generation |
Medium |
SB04-091 |
Danware
NetOp Host prior to 7.65 build 2004278 |
Danware NetOp Host Remote Information Disclosure
CVE Name:
CAN-2004-0950
|
Medium |
SB04-329 |
Darkwet Network
Webcam XP 1.06.945 |
WebcamXP Cross-Site Scripting |
High |
|
David Harris
Mercury (win32 version) 4.0 1a |
Mercury Mail Multiple Remote IMAP Stack Buffer Overflows |
High |
SB04-350
SB04-343 |
DAWKCo Software
POP3 Server Hosting Version w/t Web MAIL Extension. 6.1
|
POP3 with WebMAIL Extension Session Timeout Unauthorized Access |
Medium |
SB04-077 |
Dell
True Mobile 1300 WLAN Mini-PCI Card Utility 3.10.39.0 |
TrueMobile 1300 WLAN Help Application |
High |
SB04-077 |
DeSofto
MyProxy 6.58 |
DeSofto MyProxy Arbitrary Ports & Hosts Connection |
Medium |
SB04-336 |
Diebold
GEMS Central Tabulator 1.17.7, 1.18 |
GEMS Central Tabulator Vote Database Vote Modification |
Medium |
SB04-252 |
Digicraft Software
Yak! 2.1.2 |
Digicraft Yak! Directory Traversal |
Medium |
SB04-294 |
Digital Illusions
Codename Eagle 1.42 & prior |
Codename Eagle UDP Packet Processing Remote Denial of Service |
Low |
SB04-357
SB04-350 |
Digital Mapping Systems
DMS POP3 Server 1.5.3.27 |
Digital Mapping DMS POP3 Server Authentication Buffer Overflow |
High |
SB04-329 |
Digital Reality
Haegemonia 1.0, 1.0.4, 1.0.5, 1.0.7 |
Haegemonia Remote Denial of Service
|
Low |
SB04-077 |
Distinct Web Creations
Dwc_Articles 1.6 and prior versions |
Dwc_Articles Input Validation |
Medium |
SB04-301 |
DmxReady
Dmxready Site Chassis Manager |
Dmxready Site Chassis Manager Cross-Site Scripting & SQL Injection Vulnerabilities |
High |
SB04-294 |
Dogpatch Software
CF Webstore 5.0 |
CFWebstore Input Validation & Cross-Site Scripting |
High |
SB04-077 |
EA Games
Medal of Honor
Allied Assault 1.11v9 and prior;
Breakthrough 2.40b and prior;
Spearhead 2.15 and prior
|
EA Games Medal of Honor Has Buffer Overflow in 'connect' Packet |
High |
SB04-203
|
Early Impact
Product Cart 1.5, 1.6 br, br001, br003, 1.6 b, b001- b003, 1.5002, 1.5003, 1.5003 r, 1.5004, 1.6002, 1.6003, 2.0, 2.0 br000, 2.5 |
ProductCart Multiple Vulnerabilities |
Medium/ High
(High if arbitrary code can be executed)
|
SB04-058 |
EFS Software Inc.
Easy File Sharing Web Server 1.2, 1.25 |
Easy File Sharing Web Server Information Disclosure & Remote Denial of Service |
Low/Medium
(Medium if sensitive information can be obtained)
|
SB04-245 |
EFS Software, Inc.
Easy Chat Server 1.0, 1.1, 1.2
|
Easy Chat Server Denial of Service |
Low |
SB04-189 |
Eight-fifteen Studios
efFingerD 0.2.12 |
EFFingerD Remote Buffer Overflow
|
Low/ High
(High if arbitrary code can be executed)
|
SB04-133 |
Electronic Arts
Need For Speed Hot Pursuit 2 version 2.42 &
prior
|
Black Box Remote Buffer Overflow
|
High |
CyberNotes-2004-03 |
ElektroPost Stockholm AB
EPiServer |
ElektroPost EPiServer Input Validation Errors |
Low/Medium
(Medium if sensitive information can be obtained)
|
SB04-301
|
Emule-Project.net
Emule 0.42 d |
eMule Remote Buffer Overflow |
High |
SB04-119
SB04-105 |
Emulive Imaging Corporation
EmuLive Server4 |
EmuLive Server4 Vulnerabilities |
Low/High
(High if administrative access can be obtained)
|
SB04-273 |
EMUMail Inc.
EMU Webmail 5.2.7 |
EMU Webmail Multiple Vulnerabilities |
Medium/ High
(High if arbitrary code can be executed)
|
SB04-077 |
Enstar
Mailtraq 2.6.1.1677 |
Enstar Mailtraq Windows Tray Icon Access Control |
Medium |
SB04-329
|
eSignal
eSignal 7.5, 7.6 |
ESignal Remote Buffer Overflow |
Low/High
(High if arbitrary code can be executed) |
SB04-119
SB04-091 |
Ethereal Group
Ethereal 0.9 0.9.16 |
Ethereal SMB Protocol & Q.931 Dissector Remote Denial of Service
CVE Names:
CAN-2003-1012
CAN-2003-1013 |
Low |
|
Expinion.net
Member Management System 2.1 |
Member Management System Multiple Cross-Site Scripting |
High |
SB04-105
SB04-091 |
Expinion.net
News Manager Lite 2.5 |
Expinion.net News Manager Lite Multiple Vulnerabilities |
High |
SB04-105
SB04-091 |
Expinion.net
Member Management System 2.1 |
Member Management System ID Parameter SQL Injection |
High |
SB04-105
SB04-091 |
Explore Anywhere Software
NET Observe 2.0 & prior |
NETObserve Authentication Bypass |
High |
|
EZ network
eZ 3.5 .0 |
EZMeeting ‘EZNet.EXE’ Remote Buffer Overflow |
High |
|
Faronics
FreezeX 1.00.100.0666 |
Faronics FreezeX File Permissions Denial of Service Vulnerability |
Low |
SB04-364
|
Fastream Technologies
Fastream NETFile Server 7.1.2 |
Fastream NETFile Server Denial of Service |
Low |
SB04-329 |
Fastream
NetFILE FTP/Web Server 6.5.1 .980 |
NetFile FTP/Web Server Remote Denial of Service
|
Low |
SB04-119 |
FIL Security Laboratory
Twister Anti-TrojanVirus 5.5 |
Twister Anti-Trojan Virus MS DOS Device Names Scan File Failure |
High |
SB04-301 |
Finjan Software
Surfin Gate 6.x, 7.x |
SurfinGate FHTTP Restart Command |
Low |
CyberNotes-2004-03 |
Floosietek
FTGate Office 1.2, FTGate Pro 1.2 (1331), 1.2 |
FTGate Mail Server Multiple Input Validation |
Medium/ High
(High if arbitrary code can be executed)
|
SB04-105 |
Fluid Games
The Rage 1.0 1 |
The Rage Game Server Remote Denial of Service
|
Low |
SB04-091 |
Foxmail
Foxmail Email Client - Chinese Version 4.2, 5.0, English Version 4.1 |
Foxmail Remote Buffer Overflow |
Low/ High
(High if arbitrary code can be executed)
|
SB04-091 |
freechat.sourceforge.net
FreeChat 0.1.1 a, 1.1.1 a |
FreeChat Remote Denial of Service
|
Low |
SB04-077 |
Freeform Interactive
Purge 1.4.7 & prior, Jihad 2.0.1 & prior |
Interactive Purge/Purge Jihad Game Client Remote Buffer Overflow |
Low/ High
(High if arbitrary code can be executed)
|
SB04-058 |
F-Secure
Anti-Virus for MS Exchange 6.0 1, 6.2, 6.21, Content Scanner Server 6.31, Internet Gatekeeper 6.3-6.32 |
F-Secure Content Scanner Server Remote Denial of Service
CVE Name:
CAN-2004-0830
|
Low |
SB04-259 |
F-Secure
BackWeb 6.31 |
BackWeb Local Privilege Escalation |
High |
SB04-105 |
Full Revolution
aspWebAlbum 3.2, aspWebCalendar 4.5, aspWebHeadlines 1.1, aspWebMail 1.0 |
Full Revolution aspWebCalendar & aspWebAlbum Multiple SQL Injection |
Medium |
SB04-273 |
gadu-gadu.pl
Gadu-Gadu 6.0 build 149 |
Gadu-Gadu Remote Buffer Overflow |
High |
SB04-259 |
gadu-gadu.pl
Gadu-Gadu Instant Messenger 6.0 |
Gadu-Gadu Spoofed File Extension |
Medium |
SB04-245 |
Gadu-Gadu
Instant Messenger 6.0 build 149-build 155, 6.0 |
Gadu-Gadu Multiple Remote Input Validation Vulnerabilities |
Medium/High
(High if arbitrary code can be executed)
|
SB04-357 |
GameSpy
Roger Wilco Dedicated Server (Linux, BSD) 0.26, 0.27, Dedicated Server (Win32) 0.26-
0.30 a, Graphical Server 1.4.1 .6
GameSpy Roger Wilco Graphical Server 1.4.1 .5
GameSpy Roger Wilco Graphical Server 1.4.1 .1- 1.4.1 .4
|
Roger Wilco Server Multiple Vulnerabilities |
Low/ Medium
(Medium if sensitive information can be obtained)
|
SB04-105 |
GeeOS Team
Gattaca Server 2003 1.x
|
Gattaca Server 2003 Multiple Vulnerabilities |
Medium |
SB04-203 |
getSolutions
getIntranet 2.2 |
GetIntranet Multiple Remote Input Validation |
Medium/High
(High if arbitrary code can be executed)
|
SB04-259 |
GetWare
PhotoHost 4.0 & prior; WebCam Live 2.01 & prior
|
Web Server Component Content-Length Value Remote Denial of Service |
Low |
|
Global SCAPE, Inc.
Global SCAPE Secure FTP Server 2.0 Build 03.11.2004.2 |
GlobalSCAPE Secure FTP Server SITE Command Remote Buffer Overflow |
High |
SB04-091 |
Global Spy Software
Cyber Web Filter 2.00 |
Global Spy Software Cyber Web Filter IP Address Restriction Security Bypass |
Medium |
SB04-308 |
GlobalSCAPE, Inc.
CuteFTP 6.0 |
GlobalScape CuteFTP Multiple Command Response Buffer Overflow |
Low/High
(High if arbitrary code can be executed)
|
SB04-343 |
GoAhead Software
GoAhead Web Server 2.0, 2.1- 2.1.7 |
GoAhead Webserver Information Disclosure |
Medium |
|
GoodTech Systems
GoodTech Telnet Server 4.0.103 |
GoodTech Telnet Server Remote Denial of Service |
Low |
|
Google
Toolbar 1.1.41-1.1.49, 1.1.53-1.1.60, 2.0.114.1 |
Google Toolbar Input Validation
|
High |
|
Google
Gmail |
Google Gmail 'zx' Variable Input Validation |
High |
SB04-329
|
Google
Google Desktop Search |
Google Desktop Search 'meta' Tag Input Validation |
High |
SB04-308
|
Google
Google Desktop Search |
Google Desktop Search Input Validation |
High |
SB04-322
|
Google
Google Desktop Search prior to 121004 |
Google Desktop Search |
Medium |
SB04-357 |
Green Eggs, Inc.
News TraXor Website Management Script 2.9 beta |
NewsTraXor Remote Database Disclosure |
Medium |
SB04-119 |
H+BEDV
AntiVir DOS 6.28 .00.03, AntiVir Windows Server NT/2000/2003 6.28.01.03, AntiVir Windows Workstation 6.28 .00.01 |
H+BEDV AntiVir Fails to Scan Files Named With MS DOS Device Names |
High |
SB04-301 |
HD Soft
Windows FTP Server 1.6 & prior |
Windows FTP Server Username Format String |
Low/High
(High if arbitrary code can be executed) |
|
Headlight Software, Inc.
GetRight 5.2a & prior |
GetRight 'DUNZIP32.DLL' Buffer Overflow |
High |
SB04-350
SB04-343 |
Hewlett Packard Company
StorageWorks Command View XP 1.7 B, 1.7 A, 1.8 B, 1.8 A, 1.11.02, 1.11, 1.11.1, 1.30 .00, 1.40 .04, 1.40 .01, 1.51 .00, 1.52 .00, 1.53 .05a, 1.53.01a, 1.53 .00, 1.60 .00 |
HP StorageWorks Command View XP Restriction Bypass |
Medium |
SB04-273 |
Hewlett Packard Company
Web Jetadmin 7.5.2456 |
Jetadmin Printer Firmware Update Script Arbitrary File Upload Weakness |
Low/ Medium/ High
(Low if a DoS; Medium if sensitive information can be obtained; and High if arbitrary code can be executed)
|
SB04-105
SB04-091 |
HostingController
Hosting Controller v.6.1 Hotfix 1.4 |
Hosting Controller 'Statsbrowse.asp' & 'Generalbrowse.asp' Information Disclosure |
Medium |
SB04-343 |
Hummingbird
Hummingbird Connectivity 7.1 and 9.0 |
Hummingbird Connectivity Vulnerabilities |
Medium |
SB04-301 |
HyperionX Software
DCAM WebCam server, 8.2.5 |
DCAM WebCam Server Directory Traversal |
Medium |
|
Iatek
ASPapp Intranet App 2.3, ASPapp Portal App, ASPapp Project App |
Multiple Remote ASPapp Portal Vulnerabilities |
Medium/High
(High if administrative access can be obtained or arbitrary code can be executed) |
|
IBEX Software
Remote Execute 2.x |
IBEX Software Remote Execute Denial of Service |
Low |
SB04-350
SB04-343 |
IBM
acpRunner 1.2.5 .0
|
IBM ACPRunner ActiveX Control Unsafe Methods
|
High |
SB04-175 |
IBM
eGatherer 2.0 .16
|
IBM EGatherer ActiveX Control Dangerous Method |
High |
SB04-175 |
IBM
Lotus Domino 6.5.1
|
IBM Lotus Domino Malicious Email Remote Denial of Service
|
Low |
SB04-189 |
IBM
Lotus Notes 5.0.12, 6.0, 6.0.1, 6.5
|
IBM Lotus Notes URI Handler Cross-Site Scripting
CVE Name:
CAN-2004-0480
|
High |
SB04-189 |
IBM
3.1 Agent for Windows |
IBM Director Agent Remote Denial of Service
|
Low |
SB04-105 |
IBM
DB2 Universal Database for Windows 8.1 |
DB2 Remote Command Server Administrative Access |
High |
SB04-077 |
IBM
Microsoft Windows XP SP1 OEM Version,
Microsoft Windows XP OEM Version |
IBM OEM Microsoft Windows Default Administrative Account |
High |
|
IceWarp
IceWarp Web Mail prior to 5.3.0 |
IceWarp Web Mail Cross-Site Scripting Vulnerabilities |
High |
SB04-287 |
IceWarp
IceWarp Web Mail prior to 5.2.8 |
IceWarp Web Mail Multiple Unspecified Vulnerabilities |
High |
SB04-231 |
IceWarp
Merak Mail Server 7.5.2 and 7.6.0 with Icewarp Web Mail |
IceWarp Merak Mail Server Multiple Remote Vulnerabilities |
Medium |
SB04-322
SB04-315 |
Ideal Science
IdealBB Multiple 0.1.5.3 |
Ideal Science IdealBB Multiple Input Validation Errors |
High |
SB04-294 |
Illustrate
dBpowerAMP Audio Player 2.0 |
dBpowerAMP Audio Player Buffer Overflows |
High |
SB04-273 |
Illustrate
dBpowerAMP Music Converter 10.0
|
dBpowerAMP Music Converter Buffer Overflows |
Low/High
(High if arbitrary code can be executed)
|
SB04-273 |
Imspire
GSuite |
Imspire GSuite Passwords Disclosure |
Medium |
SB04-308 |
Inari, Inc.
Avirt SOHO 4.3 |
Avirt Soho Server HTTP GET Remote Buffer Overflow
|
Low/ High
(High if arbitrary code can be executed)
|
SB04-077 |
Inari, Inc.
Avirt Voice 4.0 |
Avirt Voice HTTP GET Remote Buffer Overflow
|
Low/ High
(High if arbitrary code can be executed)
|
SB04-077 |
Infopulse Electronic Commerce B.V.
Proxy-Pro Professional Gate Keeper 4.7 |
Proxy-Pro Professional GateKeeper Web Proxy Remote Buffer Overflow
|
High |
SB04-077 |
Infuseum
Infuseum's ASP Message Board (AMB) 2.2.1c |
Infuseum Input Validation Vulnerabilities |
High |
SB04-322 |
Innermedia
DynaZip prior to version 5.00.04 |
InnerMedia DynaZip library Buffer Overflow |
High |
SB04-336 |
Innovative Technology Consulting
FTP GLIDE 2.43 |
FTP GLIDE Discloses Passwords to Local Users |
Medium |
SB04-217 |
Interactive Studio
GamePort 3.0, 3.1, 4.0 |
Interactive Studio GamePort Multiple Vulnerabilities
|
Medium/High
(High if arbitrary code can be executed)
|
SB04-357 |
Internet Now!
Proxy Now! 2.75 & prior |
ProxyNow Multiple Buffer Overflows |
High |
CyberNotes-2004-03 |
Internet Security Systems
BlackICE 3.6.cbz |
BlackICE PC Protection ‘blackd.exe’ Code Execution |
High |
CyberNotes-2004-03 |
Internet Security Systems
BlackICE PC Protection 3.6, ccg, ccf, cce, ccd, ccc, ccb, cca, cbz, cbr, cbd, cbz, BlackIce Server Protection 3.5 cdf, 3.6, ccg,
Internet Security Systems BlackIce Server Protection 3.6 ccf, cce, ccd, ccc, ccb, cca, cbz, cbr
|
BlackICE PC/Server Protection Weak Default Configuration |
Medium |
SB04-091 |
Internet Security Systems
Real Secure Network 7.0, XPU 22.11 & prior, Server Sensor 7.0 XPU 22.11 & prior, 6.5 for Windows SR 3.10 & prior, Proventia A & G Series XPU 22.11 & prior, M Series XPU 1.9 & prior, Real Secure Desktop 7.0 ebl & prior, 3.6 ecf & prior, Real Secure Guard 3.6 ecf & prior, Real Secure Sentry 3.6 ecf & prior, BlackICE Agent for Server 3.6 ecf & prior, BlackICE PC Protection 3.6 ccf & prior, BlackICE Server Protection 3.6 ccf & prior |
Internet Security Systems Protocol Analysis Module
Remote Buffer Overflow
|
High |
SB04-105
SB04-091 |
iNvicta
wMCam Server 2.1.348 |
WMCam Server Remote Denial of Service
|
Low |
SB04-077 |
| INweb Mail Server 2.x |
INweb Mail Server Multiple Connection Denial of Service Vulnerability |
Low |
SB04-203 |
IPSwitch
IMail 5.0, 5.0.5-5.0.8, 6.0-6.0.6, 6.1-6.4, 7.0.1-7.0.7, 7.1, 7.12, 8.0.3, 8.0.5, 8.1 |
Ipswitch IMail Server Multiple Buffer Overflow Remote Denial of Service |
Low/High
(High if arbitrary code can be executed)
|
SB04-252 |
Ipswitch
IMail 8.13 |
Ipswitch IMail Server Remote Buffer Overflow |
High |
SB04-329
SB04-322 |
Ipswitch
WhatsUp Gold 7.0 4, 7.0 3, 7.0, 8.0 3, 8.0 1, 8.0 |
|
High |
SB04-287
SB04-245 |
IPSwitch
WhatsUp Gold 7.0 4, 7.0 3, 7.0, 8.03 hotfix 1, 8.03, 8.0 1, 8.0 |
WhatsUpGold Web Interface Vulnerabilities |
Low/High
(High if arbitrary code can be executed)
|
SB04-252 |
IPSwitch
WS FTP Server 1.0.1- 1.0.5, 2.0-2.0.4, 3.0, 3.0.1, 3.1-3.1.3, 3.4, 4.0-4.0.2 |
WS_FTP Server Remote Denial of Service |
Low |
|
IpSwitch
IMail 8.0.3, 8.0.5 |
IMail Server Remote LDAP Daemon Buffer Overflow
|
High |
SB04-077
SB04-058 |
IpSwitch
IMail Express 8.0 3 |
IMail Express Web Messaging Buffer Overflow |
High |
SB04-119 |
IpSwitch
WS FTP Server 1.0.1- 1.0.5, 2.0- 2.0.4, 3.0, 3.01, 3.1- 3.1.3, 3.4, 4.0-4.02, WS_FTP Pro 6.0, 7.5, 8.0 2, 8.0 3 |
WS_FTP Multiple Vulnerabilities |
Low/ High
(High if arbitrary code can be executed)
|
SB04-091 |
IPSwitch
WS FTP Server 5.0.2 |
IPSwitch WS_FTP Remote Denial of Service |
Low |
SB04-252 |
IpSwitch
WS_FTP Pro 8.0 3 |
WS_FTP Pro Client Remote Buffer Overflow
|
High |
SB04-091 |
IpSwitch
WS_FTP Pro 8.0 3,
WS_FTP Pro 8.0 2
|
WS_FTP Pro Client Remote Buffer Overflow |
High |
SB04-091 |
IpSwitch
WS_FTP Server 5.03, 2004.10.14 |
IpSwitch WS_FTP Buffer Overflow |
High
|
SB04-350
SB04-343
SB04-336 |
itez Multimedia Solutions
Picophone Internet Telephone 1.63 |
PicoPhone Internet Phone Remote Buffer Overflow
|
Low/ High
(High if arbitrary code can be executed)
|
SB04-091 |
Jera Technology
Flash Messaging 5.2.0g (rev 1.1.2) and prior |
Jera Technology Flash Messaging Denial of Service |
Low |
SB04-287 |
Jerod Moemeka
Xedus 1.0 |
Xedus Web Server Input Validation Vulnerabilities |
Low/Medium/High
(Low if a DoS; Medium if sensitive information can be obtained; and High if arbitrary code can be executed)
|
SB04-252 |
Jigunet Corporation
Twin FTP Server 1.x |
TwinFTP Server Directory Traversal |
Medium |
SB04-259 |
Jordan Stojanovski
Jordan’s Windows Telnet Server 1.0, 1.2 |
Jordan Windows Telnet Server Remote Buffer Overflow |
High |
|
KarjaSoft
Sami FTP Server 1.1.3 |
Sami FTP Server Multiple Remote Denial of Service
|
Low |
SB04-058 |
KarjaSoft
Sami HTTP Server 1.0.4 |
Sami HTTP Server GET Request Buffer Overflow
|
Low/ High
(High if arbitrary code can be executed)
|
SB04-058 |
Kaspersky Lab
KAV 5.0.149, 5.0.153
|
Kaspersky Anti-Virus Authentication Bypass |
Medium |
SB04-280 |
Keene Software Corporation
Keene Digital Media Server 1.0.2 |
Keene Digital Media (KDM) Server Multiple Vulnerabilities |
Medium |
SB04-231 |
Keene Software Corporation
Keene Digital Media Server 1.0.2 |
Keene Digital Media Server Cross-Site Scripting |
High |
SB04-252 |
Keene Software Corporation
Keene Digital Media Server 1.0.2 |
Keene Digital Media Server Directory Traversal |
Medium |
SB04-245 |
Kerio Technologies Inc.
Kerio Personal Firewall 4.0.6-4.0.10, 4.0.16 |
Kerio Personal Firewall Security Bypass |
Medium |
SB04-252 |
Kerio Technologies Inc.
Kerio Personal Firewall 4.1.2 and prior |
Kerio Personal Firewall Remote Denial of Service |
Low |
SB04-322
SB04-315 |
Kerio Technologies Inc.
Personal Firewall 4.0.6-4.0.10, 4.0.16, 4.1-4.1.2, Personal Firewall 2 2.1-2.1.5 |
Kerio Personal Firewall Local Denial of Service |
Low |
SB04-350 |
Kerio Technologies
Kerio Personal Firewall 4.0.6- 4.0.9 |
Kerio Personal Firewall TCP Stealth Scans |
Medium |
|
Kerio Technologies
Mail server 5.7.0- 5.7.6 |
Kerio MailServer Spam Filter Buffer Overflow |
High |
SB04-091 |
Kerio Technologies
Mailserver 5.0, 5.1, 5.1.1, 5.6.3-5.6.5, 5.7.0-5.7.10, 6.0-6.0.4, ServerFirewall 1.0, WinRoute Firewall 5.0.1-5.0.9, 5.1-5.1.10, 5.10, 6.0-6.0.8 |
Multiple Kerio Products Universal Secret Key Storage
CVE Name:
CAN-2004-1022
|
Medium |
SB04-357 |
Kerio Technologies
Personal Firewall 4.0.6- 4.0.10
|
Kerio Personal Firewall Web Filtering Remote Denial of Service |
Low |
SB04-105 |
Kerio Technologies
WinRoute Firewall 5.0.1- 5.0.9, 5.1-5.1.9 |
WinRoute Firewall Malformed HTTP Header Denial of Service |
Low |
SB04-091 |
Kerio
WinRoute Firewall 6.0-6.0.8 |
Kerio WinRoute Firewall Multiple Unspecified Remote
|
Low/Medium
(Medium if sensitive information can be obtained)
|
SB04-350 |
Kinesphere Corporation
eXchange POP3 4.0, 5.0 |
Exchange POP3 Remote Buffer Overflow |
|