CVE-2004-0xxx

There are 948 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2004-0001 Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on ...
S
CVE-2004-0002 The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denia...
S
CVE-2004-0003 Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related t...
S
CVE-2004-0004 The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 and earlier only compares the ...
S
CVE-2004-0005 Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possi...
E S
CVE-2004-0006 Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote atta...
S
CVE-2004-0007 Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gai...
S
CVE-2004-0008 Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to...
S
CVE-2004-0009 Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled,...
CVE-2004-0010 Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local ...
S
CVE-2004-0011 Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code....
S
CVE-2004-0012 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0013 jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which...
S
CVE-2004-0014 Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to ...
S
CVE-2004-0015 vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL scrip...
S
CVE-2004-0016 The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holida...
S
CVE-2004-0017 Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware ...
S
CVE-2004-0028 jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execut...
S
CVE-2004-0029 Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable perm...
CVE-2004-0030 PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) ...
S
CVE-2004-0031 PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator passw...
CVE-2004-0032 Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to...
CVE-2004-0033 admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action p...
CVE-2004-0034 Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attacke...
CVE-2004-0035 SQL injection vulnerability in register.php for Phorum 3.4.5 and earlier allows remote attackers to ...
CVE-2004-0036 SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote att...
CVE-2004-0037 FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks i...
CVE-2004-0038 McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to exe...
S
CVE-2004-0039 Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Poin...
S
CVE-2004-0040 Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemo...
S
CVE-2004-0041 The mod_auth_shadow module 1.4 and earlier does not properly enforce the expiration of a user accoun...
S
CVE-2004-0042 vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists,...
CVE-2004-0043 Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a...
CVE-2004-0044 Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentication when "Allow Only Cisco C...
S
CVE-2004-0045 Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 ...
S
CVE-2004-0046 Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject ar...
E
CVE-2004-0047 Multiple programs in trr19 1.0 do not properly drop privileges before executing a system command, wh...
S
CVE-2004-0049 Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of serv...
S
CVE-2004-0050 Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document ro...
CVE-2004-0051 Multiple content security gateway and antivirus products allow remote attackers to bypass content re...
CVE-2004-0052 Multiple content security gateway and antivirus products allow remote attackers to bypass content re...
CVE-2004-0053 Multiple content security gateway and antivirus products allow remote attackers to bypass content re...
CVE-2004-0054 Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allo...
S
CVE-2004-0055 The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attacke...
E S
CVE-2004-0056 Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communica...
S
CVE-2004-0057 The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier...
S
CVE-2004-0058 Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local users to overwrite arbitrary fi...
CVE-2004-0059 Directory traversal vulnerability in upload capability of WWW File Share Pro 2.42 and earlier allows...
CVE-2004-0060 WWW File Share Pro 2.42 and earlier allows remote attackers to cause a denial of service (crash) via...
CVE-2004-0061 WWW File Share Pro 2.42 and earlier allows remote attackers to bypass directory access restrictions ...
CVE-2004-0062 Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1...
CVE-2004-0063 The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Stat...
CVE-2004-0064 The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrar...
CVE-2004-0065 Multiple SQL injection vulnerabilities in phpGedView before 2.65 allow remote attackers to execute a...
CVE-2004-0066 phpGedView before 2.65 allows remote attackers to obtain the absolute path of the web server via mal...
CVE-2004-0067 Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers...
CVE-2004-0068 PHP remote file inclusion vulnerability in config.php for PhpDig 1.6.5 and earlier allows remote att...
S
CVE-2004-0069 Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to...
E
CVE-2004-0070 PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to exec...
E
CVE-2004-0071 Directory traversal vulnerability in buildManPage in class.manpagelookup.php for PHP Man Page Lookup...
CVE-2004-0072 Directory traversal vulnerability in Accipiter Direct Server 6.0 allows remote attackers to read arb...
E S
CVE-2004-0073 PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPag...
E S
CVE-2004-0074 Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via (1) a long LANG env...
E S
CVE-2004-0075 The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying da...
S
CVE-2004-0076 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was re...
R
CVE-2004-0077 The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to ...
E S
CVE-2004-0078 Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows...
S
CVE-2004-0079 The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote ...
CVE-2004-0080 The login program in util-linux 2.11 and earlier uses a pointer after it has been freed and realloca...
S
CVE-2004-0081 OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote atta...
CVE-2004-0082 The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but...
S
CVE-2004-0083 Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users an...
E S
CVE-2004-0084 Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin...
E S
CVE-2004-0085 Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a ...
S
CVE-2004-0086 Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and attack vect...
CVE-2004-0087 The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows local users to modify network ...
CVE-2004-0088 The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a...
CVE-2004-0089 Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privi...
CVE-2004-0090 Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown ...
S
CVE-2004-0091 NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in regis...
CVE-2004-0092 Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact....
CVE-2004-0093 XFree86 4.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary co...
S
CVE-2004-0094 Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and p...
S
CVE-2004-0095 McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consu...
E
CVE-2004-0096 Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (http...
S
CVE-2004-0097 Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service a...
S
CVE-2004-0098 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0099 mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file sy...
S
CVE-2004-0103 crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment ...
S
CVE-2004-0104 Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute...
E S
CVE-2004-0105 Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary co...
S
CVE-2004-0106 Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font fil...
S
CVE-2004-0107 The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arb...
S
CVE-2004-0108 The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via ...
S
CVE-2004-0109 Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows...
S
CVE-2004-0110 Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 throu...
S
CVE-2004-0111 gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap ...
S
CVE-2004-0112 The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites...
CVE-2004-0113 Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to caus...
S
CVE-2004-0114 The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1....
S
CVE-2004-0115 VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncat...
S
CVE-2004-0116 An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000...
S
CVE-2004-0117 Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, ...
S
CVE-2004-0118 The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does no...
S
CVE-2004-0119 The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Se...
S
CVE-2004-0120 The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows S...
S
CVE-2004-0121 Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters o...
E S
CVE-2004-0122 Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote a...
S
CVE-2004-0123 Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, ...
S
CVE-2004-0124 The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attacke...
S
CVE-2004-0125 The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulat...
S
CVE-2004-0126 The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even i...
S
CVE-2004-0127 Directory traversal vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and earlier allows ...
E S
CVE-2004-0128 PHP remote file inclusion vulnerability in the GEDCOM configuration script for phpGedView 2.65.1 and...
E S
CVE-2004-0129 Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attack...
E S
CVE-2004-0130 login.php in phpGedView 2.65 and earlier allows remote attackers to obtain sensitive information via...
E
CVE-2004-0131 The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote ...
S
CVE-2004-0132 Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote atta...
CVE-2004-0133 The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written t...
S
CVE-2004-0134 cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provi...
CVE-2004-0135 The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileg...
CVE-2004-0136 The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of...
CVE-2004-0137 Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of...
CVE-2004-0138 The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (cr...
S
CVE-2004-0139 Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibl...
S
CVE-2004-0140 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0141 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0142 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0143 Multiple vulnerabilities in Nokia 6310(i) Mobile phones allow remote attackers to cause a denial of ...
S
CVE-2004-0144 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0145 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0146 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0147 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0148 wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass acce...
S
CVE-2004-0149 Multiple buffer overflows in xboing before 2.4 allow local users to gain privileges....
E S
CVE-2004-0150 Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disable...
S
CVE-2004-0151 Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands....
S
CVE-2004-0152 Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode funct...
S
CVE-2004-0153 Multiple format string vulnerabilities in emil 2.1.0 and earlier may allow remote attackers to execu...
S
CVE-2004-0154 rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service (...
E S
CVE-2004-0155 The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certifica...
S
CVE-2004-0156 Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allo...
S
CVE-2004-0157 x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail prog...
S
CVE-2004-0158 Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME e...
E S
CVE-2004-0159 Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of ser...
S
CVE-2004-0160 Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on th...
S
CVE-2004-0161 Multiple content security gateway and antivirus products allow remote attackers to bypass content re...
CVE-2004-0162 Multiple content security gateway and antivirus products allow remote attackers to bypass content re...
CVE-2004-0163 Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, whic...
S
CVE-2004-0164 KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to dele...
CVE-2004-0165 Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2...
E S
CVE-2004-0166 Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in t...
S
CVE-2004-0167 DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media...
CVE-2004-0168 Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."...
CVE-2004-0169 QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of...
S
CVE-2004-0171 FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of se...
S
CVE-2004-0172 Heap-based buffer overflow in the search_for_command function of ltrace 0.3.10, if it is installed s...
CVE-2004-0173 Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when ...
E S
CVE-2004-0174 Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certai...
S
CVE-2004-0175 Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to...
S
CVE-2004-0176 Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of s...
S
CVE-2004-0177 The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, w...
S
CVE-2004-0178 The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 ...
S
CVE-2004-0179 Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use n...
CVE-2004-0180 The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using ...
S
CVE-2004-0181 The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written t...
S
CVE-2004-0182 Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email mess...
S
CVE-2004-0183 TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP pa...
S
CVE-2004-0184 Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to ca...
E S
CVE-2004-0185 Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows re...
E S
CVE-2004-0186 smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root pri...
E S
CVE-2004-0187 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0185. Reason: This candida...
R
CVE-2004-0188 Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local users to execute arbitrary co...
S
CVE-2004-0189 The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass ur...
E S
CVE-2004-0190 Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administrati...
S
CVE-2004-0191 Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loade...
E
CVE-2004-0192 Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0...
E S
CVE-2004-0193 Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of...
S
CVE-2004-0194 Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows re...
S
CVE-2004-0197 Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary co...
CVE-2004-0199 Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly valida...
E S
CVE-2004-0200 Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI...
CVE-2004-0201 Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, M...
S
CVE-2004-0202 IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used...
S
CVE-2004-0203 Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack ...
S
CVE-2004-0204 Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, ...
E S
CVE-2004-0205 Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arb...
S
CVE-2004-0206 Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 20...
S
CVE-2004-0207 "Shatter" style vulnerability in the Window Management application programming interface (API) for M...
S
CVE-2004-0208 The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and W...
S
CVE-2004-0209 Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows ...
CVE-2004-0210 The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary...
KEV S
CVE-2004-0211 The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures, w...
S
CVE-2004-0212 Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 o...
S
CVE-2004-0213 Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised p...
S
CVE-2004-0214 Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, Windows 2000, Windows...
CVE-2004-0215 Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash...
S
CVE-2004-0216 Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows re...
S
CVE-2004-0217 The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat ...
E S
CVE-2004-0218 isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite lo...
S
CVE-2004-0219 isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via ...
CVE-2004-0220 isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKM...
S
CVE-2004-0221 isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via ...
CVE-2004-0222 Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial...
CVE-2004-0224 Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courie...
S
CVE-2004-0226 Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a den...
S
CVE-2004-0227 Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allow a remote attacker to execute...
S
CVE-2004-0228 Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows lo...
CVE-2004-0229 The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with u...
CVE-2004-0230 TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers ...
E S
CVE-2004-0231 Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "I...
S
CVE-2004-0232 Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers t...
CVE-2004-0233 Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows l...
E S
CVE-2004-0234 Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used i...
E S
CVE-2004-0235 Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to cr...
E S
CVE-2004-0236 SQL injection vulnerability in login.asp in thePHOTOtool allows remote attackers to gain unauthorize...
CVE-2004-0237 Directory traversal vulnerability in index.php in Aprox PHP Portal allows remote attackers to read a...
E
CVE-2004-0238 Multiple buffer overflows in Overkill (0verkill) 0.15pre3 might allow local users to execute arbitra...
E
CVE-2004-0239 SQL injection vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 and earlier allows remote atta...
E
CVE-2004-0240 Directory traversal vulnerability in X-Cart 3.4.3 allows remote attackers to view arbitrary files vi...
CVE-2004-0241 X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (...
E S
CVE-2004-0242 X-Cart 3.4.3 allows remote attackers to gain sensitive information via a mode parameter with (1) php...
E S
CVE-2004-0243 AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the...
CVE-2004-0244 Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWA...
CVE-2004-0245 Web Crossing 4.x and 5.x allows remote attackers to cause a denial of service (crash) by sending a H...
CVE-2004-0246 Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentair...
E
CVE-2004-0247 The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service...
E
CVE-2004-0248 Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote attackers to execute arbitrary ...
E S
CVE-2004-0249 PHPX 2.0 through 3.2.4 allows remote attackers to gain access to other accounts by modifying the coo...
E S
CVE-2004-0250 SQL injection vulnerability in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain pri...
E
CVE-2004-0251 Cross-site scripting (XSS) vulnerability in rxgoogle.cgi allows remote attackers to execute arbitrar...
E
CVE-2004-0252 TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a...
CVE-2004-0253 IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to execute arbitrary programs or cau...
CVE-2004-0254 Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to exe...
E
CVE-2004-0255 Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by req...
E
CVE-2004-0256 GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a...
S
CVE-2004-0257 OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by ...
S
CVE-2004-0258 Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and Rea...
S
CVE-2004-0259 The check_referer() function in Formmail.php 5.0 and earlier allows remote attackers to bypass acces...
CVE-2004-0260 The AddToMailingList function in CactuSoft CactuShop 5.0 Lite contains a backdoor that allows remote...
CVE-2004-0261 oj.cgi in OpenJournal 2.0 through 2.0.5 allows remote attackers to bypass authentication and access ...
E S
CVE-2004-0262 Stack-based buffer overflow in The Palace 3.5 and earlier client allows remote attackers to execute ...
CVE-2004-0263 PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual host...
CVE-2004-0264 palmhttpd for PalmOS allows remote attackers to cause a denial of service (crash) by establishing tw...
E S
CVE-2004-0265 Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote attacke...
E
CVE-2004-0266 SQL injection vulnerability in the "public message" capability (public_message) for Php-Nuke 6.x to ...
E
CVE-2004-0267 The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0 allow...
CVE-2004-0268 Multiple buffer overflows in EvolutionX 3921 and 3935 allow remote attackers to cause a denial of se...
E
CVE-2004-0269 SQL injection vulnerability in PHP-Nuke 6.9 and earlier, and possibly 7.x, allows remote attackers t...
E S
CVE-2004-0270 libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a ...
E S
CVE-2004-0271 Multiple cross-site scripting vulnerabilities (XSS) in MaxWebPortal allow remote attackers to execut...
E S
CVE-2004-0272 SQL injection vulnerability in MaxWebPortal allows remote attackers to inject arbitrary SQL code and...
E
CVE-2004-0273 Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desk...
S
CVE-2004-0274 Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can mistakenly assign STAT_OFFERED statu...
E
CVE-2004-0275 SQL injection vulnerability in calendar_download.php in BosDates 3.2 and earlier allows remote attac...
E
CVE-2004-0276 The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attacke...
E S
CVE-2004-0277 Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (...
E
CVE-2004-0278 Ratbag game engine, as used in products such as Dirt Track Racing, Leadfoot, and World of Outlaws Sp...
E
CVE-2004-0279 AIM Sniff (aimSniff.pl) 0.9b allows local users to overwrite arbitrary files via a symlink attack on...
S
CVE-2004-0280 Caucho Technology Resin 2.1.12 allows remote attackers to view JSP source via an HTTP request to a ....
E
CVE-2004-0281 Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the co...
E
CVE-2004-0282 Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly con...
E
CVE-2004-0283 Mailmgr 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/mailm...
CVE-2004-0284 Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a de...
S
CVE-2004-0285 PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) AllMyL...
E S
CVE-2004-0286 Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers to cause a denial of service ...
E
CVE-2004-0287 Xlight FTP server 1.52 allows remote authenticated users to cause a denial of service (crash) via a ...
CVE-2004-0288 Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow rem...
S
CVE-2004-0289 Buffer overflow in sdbscan in SignatureDB 0.1.1 allows local users to cause a denial of service (seg...
CVE-2004-0290 Buffer overflow in Purge Jihad 2.0.1 and earlier allows remote game servers to execute arbitrary cod...
E
CVE-2004-0291 SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote attackers to obtai...
E S
CVE-2004-0292 Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote attackers to cause a denial of ser...
E
CVE-2004-0293 Directory traversal vulnerability in ShopCartCGI 2.3 allows remote attackers to retrieve arbitrary f...
E
CVE-2004-0294 YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it easier f...
CVE-2004-0295 TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a denial of service (CPU consump...
E
CVE-2004-0296 TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a TsFtpSrv.exe to exit with an e...
E
CVE-2004-0297 Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in ...
E S
CVE-2004-0298 CesarFTP 0.99e allows remote attackers to cause a denial of service (CPU consumption) via a long RET...
E
CVE-2004-0299 Buffer overflow in smallftpd 0.99 allows local users to cause a denial of service (crash) via an FTP...
E
CVE-2004-0300 SQL injection vulnerability in Online Store Kit 3.0 allows remote attackers to inject arbitrary SQL ...
E
CVE-2004-0301 Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attacker...
E
CVE-2004-0302 Directory traversal vulnerability in OWLS 1.0 allows remote attackers to read arbitrary files via a ...
E
CVE-2004-0303 OWLS 1.0 allows remote attackers to retrieve arbitrary files via absolute pathnames in (1) the file ...
E
CVE-2004-0304 SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attack...
E
CVE-2004-0305 Cross-site scripting (XSS) vulnerability in error.asp in WebCortex WebStores 2000 6.0 allows remote ...
E
CVE-2004-0306 Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15...
S
CVE-2004-0307 Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 SD before 4.1(3) allows remote...
S
CVE-2004-0308 Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before...
S
CVE-2004-0309 Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4...
CVE-2004-0310 Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 allows remote attackers to execu...
CVE-2004-0311 American Power Conversion (APC) Web/SNMP Management SmartSlot Card 3.0 through 3.0.3 and 3.21 are sh...
S
CVE-2004-0312 Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to ga...
E
CVE-2004-0313 Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a denial of service and possibly e...
E
CVE-2004-0314 Cross-site scripting (XSS) vulnerability in done.jsp in WebzEdit 1.9 and earlier allows remote attac...
CVE-2004-0315 Buffer overflow in Avirt Voice 4.0 allows remote attackers to cause a denial of service (crash) and ...
CVE-2004-0316 Buffer overflow in Avirt Soho 4.3 allows remote attackers to cause a denial of service (crash) via (...
CVE-2004-0317 Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x allows local users or remote att...
S
CVE-2004-0318 Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID environment variable, if it exi...
E S
CVE-2004-0319 Cross-site scripting (XSS) vulnerability in the font tag in ezBoard 7.3u allows remote attackers to ...
E
CVE-2004-0320 Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local ...
CVE-2004-0321 Team Factor 1.25 and earlier allows remote attackers to cause a denial of service (crash) via a pack...
CVE-2004-0322 Multiple cross-site scripting (XSS) vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to e...
E S
CVE-2004-0323 Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitra...
E S
CVE-2004-0324 Confirm 0.62 and earlier could allow remote attackers to execute arbitrary code via an e-mail header...
S
CVE-2004-0325 TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (CPU consumpt...
E
CVE-2004-0326 Buffer overflow in the web proxy for GateKeeper Pro 4.7 allows remote attackers to execute arbitrary...
E
CVE-2004-0327 Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to...
E
CVE-2004-0328 Gigabyte Gn-B46B 2.4Ghz wireless broadband router firmware 1.003.00 allows local users on the same l...
CVE-2004-0329 FreeChat 1.1.1a allows remote attackers to cause a denial of service (crash) via certain unexpected ...
E
CVE-2004-0330 Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary ...
E
CVE-2004-0331 Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows remote attackers to cause a de...
S
CVE-2004-0332 Extremail 1.5.9 does not check passwords correctly when they are all digits or begin with a digit, w...
CVE-2004-0333 Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly...
E S
CVE-2004-0334 InnoMedia VideoPhone allows remote attackers to bypass Basic Authorization via an HTTP request to (1...
CVE-2004-0335 LAN SUITE Web Mail 602Pro, when configured to use the "Directory browsing" feature, allows remote at...
CVE-2004-0336 LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login f...
E
CVE-2004-0337 Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro allows remote attackers to exe...
E
CVE-2004-0338 SQL injection vulnerability in search.php for Invision Board Forum allows remote attackers to execut...
CVE-2004-0339 Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, all...
S
CVE-2004-0340 Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3....
E S
CVE-2004-0341 WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte (newline) is sent, w...
E S
CVE-2004-0342 WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to cause ...
E S
CVE-2004-0343 Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to exe...
E S
CVE-2004-0344 Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote...
E S
CVE-2004-0345 Buffer overflow in Red Faction client 1.20 and earlier allows remote servers to execute arbitrary co...
E
CVE-2004-0346 Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local u...
E
CVE-2004-0347 Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firm...
S
CVE-2004-0348 SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote atta...
E
CVE-2004-0349 Directory traversal vulnerability in GWeb HTTP Server 0.6 allows remote attackers to view arbitrary ...
E
CVE-2004-0350 SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it e...
E
CVE-2004-0351 Spider Sales shopping cart stores the private key in the same database and table as the public key, ...
E
CVE-2004-0352 Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.1...
S
CVE-2004-0353 Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9...
E S
CVE-2004-0354 Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow re...
E S
CVE-2004-0355 Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a ...
CVE-2004-0356 Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remo...
E
CVE-2004-0357 Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code v...
S
CVE-2004-0358 Cross-site scripting (XSS) vulnerability in VirtuaNews Admin Panel Pro 1.0.3 allows remote attackers...
E
CVE-2004-0359 Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remo...
E
CVE-2004-0360 Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via ...
S
CVE-2004-0361 The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service...
E
CVE-2004-0362 Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Modul...
E S
CVE-2004-0363 Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam ...
S
CVE-2004-0364 The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scr...
S
CVE-2004-0365 The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows r...
CVE-2004-0366 SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arb...
S
CVE-2004-0367 Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-le...
S
CVE-2004-0368 Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows re...
CVE-2004-0369 Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 throug...
S
CVE-2004-0370 The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not proper...
CVE-2004-0371 Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency chec...
S
CVE-2004-0372 xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that...
S
CVE-2004-0374 Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and ...
S
CVE-2004-0375 SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 20...
E
CVE-2004-0376 oftpd 0.3.6 and earlier allows remote attackers to cause a denial of service (crash) via a PORT comm...
S
CVE-2004-0377 Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Per...
S
CVE-2004-0378 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0379 Multiple cross-site scripting (XSS) vulnerabilities in Microsoft SharePoint Portal Server 2001 allow...
CVE-2004-0380 The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows...
E S
CVE-2004-0381 mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed...
S
CVE-2004-0382 Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknow...
CVE-2004-0383 Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the h...
CVE-2004-0385 Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0...
S
CVE-2004-0386 Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote att...
E S
CVE-2004-0387 Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Play...
S
CVE-2004-0388 The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attac...
S
CVE-2004-0389 RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of ser...
E S
CVE-2004-0390 SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in u...
CVE-2004-0391 Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 thro...
S
CVE-2004-0392 racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and drop...
CVE-2004-0393 Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attacker...
E S
CVE-2004-0394 A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be ...
CVE-2004-0395 The xatitv program in the gatos package does not properly drop root privileges when the configuratio...
S
CVE-2004-0396 Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pser...
S
CVE-2004-0397 Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier al...
E S
CVE-2004-0398 Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libne...
CVE-2004-0399 Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option...
E S
CVE-2004-0400 Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, ...
E S
CVE-2004-0401 Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER par...
CVE-2004-0402 Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users...
S
CVE-2004-0403 Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) vi...
E S
CVE-2004-0404 logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temp...
S
CVE-2004-0405 CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames v...
S
CVE-2004-0406 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0407 The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is int...
S
CVE-2004-0408 Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to ...
S
CVE-2004-0409 Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversa...
S
CVE-2004-0410 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2004-0411 The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that b...
S
CVE-2004-0412 Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to...
S
CVE-2004-0413 libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) oth...
S
CVE-2004-0414 CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" li...
S
CVE-2004-0415 Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local us...
S
CVE-2004-0416 Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x th...
S
CVE-2004-0417 Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through ...
S
CVE-2004-0418 serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empt...
S
CVE-2004-0419 XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could a...
S
CVE-2004-0420 The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, a...
E
CVE-2004-0421 The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial...
S
CVE-2004-0422 flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitra...
S
CVE-2004-0423 The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files v...
CVE-2004-0424 Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 throu...
E S
CVE-2004-0425 Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows remote attackers to execute arbi...
CVE-2004-0426 rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using c...
S
CVE-2004-0427 The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decreme...
S
CVE-2004-0428 Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "t...
S
CVE-2004-0429 Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3....
S
CVE-2004-0430 Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attacke...
S
CVE-2004-0431 Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitra...
CVE-2004-0432 ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowA...
S
CVE-2004-0433 Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1...
CVE-2004-0434 k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 co...
S
CVE-2004-0435 Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and ea...
CVE-2004-0437 Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote...
E S
CVE-2004-0444 Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 t...
S
CVE-2004-0445 The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norto...
S
CVE-2004-0447 Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of servic...
S
CVE-2004-0448 Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenti...
S
CVE-2004-0449 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0450 Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users o...
S
CVE-2004-0451 Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in S...
S
CVE-2004-0452 Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/wri...
S
CVE-2004-0453 Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local us...
S
CVE-2004-0454 Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbit...
E S
CVE-2004-0455 Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a ...
CVE-2004-0456 Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web...
S
CVE-2004-0457 The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server...
S
CVE-2004-0458 mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a miss...
S
CVE-2004-0459 The Clear Channel Assessment (CCA) algorithm in the IEEE 802.11 wireless protocol, when using DSSS t...
CVE-2004-0460 Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0...
S
CVE-2004-0461 The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do ...
S
CVE-2004-0462 The built-in web servers for multiple networking devices do not set the Secure attribute for sensiti...
CVE-2004-0463 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0464 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0465 Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier ...
E S
CVE-2004-0466 WebConnect 6.5, 6.4.4, and possibly earlier versions allows remote attackers to cause a denial of se...
S
CVE-2004-0467 Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a denial of service (routing di...
S
CVE-2004-0468 Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denia...
S
CVE-2004-0469 Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before...
S
CVE-2004-0470 BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2, when editing weblogic....
S
CVE-2004-0471 BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site r...
S
CVE-2004-0472 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a r...
R
CVE-2004-0473 Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that b...
CVE-2004-0474 Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http...
E
CVE-2004-0475 The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute ar...
E
CVE-2004-0476 Buffer overflow in 3Com OfficeConnect Remote 812 ADSL Router 1.1.9.4 allows remote attackers to caus...
CVE-2004-0477 Unknown vulnerability in 3Com OfficeConnect Remote 812 ADSL Router allows remote attackers to bypass...
S
CVE-2004-0478 Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consum...
CVE-2004-0479 Internet Explorer 6 allows remote attackers to cause a denial of service (crash) via Javascript that...
CVE-2004-0480 Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute...
E S
CVE-2004-0481 The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other ver...
S
CVE-2004-0482 Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) pro...
S
CVE-2004-0483 Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of...
S
CVE-2004-0484 mshtml.dll in Microsoft Internet Explorer 6.0.2800 allows remote attackers to cause a denial of serv...
CVE-2004-0485 The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers ...
S
CVE-2004-0486 HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow...
E S
CVE-2004-0487 A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denia...
CVE-2004-0488 Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ss...
S
CVE-2004-0489 Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allo...
E
CVE-2004-0490 cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enabl...
E
CVE-2004-0491 The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page...
CVE-2004-0492 Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote at...
S
CVE-2004-0493 The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a deni...
E S
CVE-2004-0494 Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote att...
S
CVE-2004-0495 Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or...
S
CVE-2004-0496 Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access ...
CVE-2004-0497 Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, suc...
S
CVE-2004-0498 The H.323 protocol agent in StoneSoft firewall engine 2.2.8 and earlier allows remote attackers to c...
CVE-2004-0499 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2004-0500 Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows r...
S
CVE-2004-0501 Outlook 2003 allows remote attackers to bypass intended access restrictions and cause Outlook to req...
E
CVE-2004-0502 Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for...
E
CVE-2004-0503 Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute s...
E S
CVE-2004-0504 Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP message...
S
CVE-2004-0505 The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert er...
S
CVE-2004-0506 The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of servic...
S
CVE-2004-0507 Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause...
CVE-2004-0510 Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating system...
E S
CVE-2004-0511 Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating...
E S
CVE-2004-0512 Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating...
E S
CVE-2004-0513 Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to...
CVE-2004-0514 Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services...
S
CVE-2004-0515 Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files....
S
CVE-2004-0516 Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vul...
S
CVE-2004-0517 Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package install...
S
CVE-2004-0518 Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporti...
CVE-2004-0519 Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to ...
E S
CVE-2004-0520 Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote att...
E S
CVE-2004-0521 SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unau...
S
CVE-2004-0522 Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery admini...
S
CVE-2004-0523 Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier all...
S
CVE-2004-0524 Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelM...
E S
CVE-2004-0525 HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause ...
S
CVE-2004-0526 Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL i...
E
CVE-2004-0527 KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar vi...
E
CVE-2004-0528 Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HRE...
E
CVE-2004-0529 The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 an...
CVE-2004-0530 The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp ...
S
CVE-2004-0533 Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, wh...
CVE-2004-0534 Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebInt...
S
CVE-2004-0535 The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before usin...
S
CVE-2004-0536 Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source...
CVE-2004-0537 Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider ...
S
CVE-2004-0538 LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, ...
CVE-2004-0539 The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute down...
CVE-2004-0540 Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly...
CVE-2004-0541 Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5....
S
CVE-2004-0542 PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows ...
S
CVE-2004-0543 Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5....
S
CVE-2004-0544 Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1...
E S
CVE-2004-0545 LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack....
S
CVE-2004-0547 Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a de...
S
CVE-2004-0548 Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspe...
CVE-2004-0549 The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in ...
S
CVE-2004-0550 Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via...
CVE-2004-0551 Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches...
CVE-2004-0552 Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reser...
E S
CVE-2004-0554 Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash),...
CVE-2004-0555 Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to...
S
CVE-2004-0556 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0557 Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 ...
E S
CVE-2004-0558 The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to...
S
CVE-2004-0559 The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at...
S
CVE-2004-0560 Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of servi...
CVE-2004-0561 Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attac...
CVE-2004-0562 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0563 The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world r...
S
CVE-2004-0564 Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its desig...
S
CVE-2004-0565 Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit b...
CVE-2004-0566 Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code vi...
E
CVE-2004-0567 The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP...
S
CVE-2004-0568 HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does...
CVE-2004-0569 The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory o...
CVE-2004-0571 Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allo...
CVE-2004-0572 Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to e...
E S
CVE-2004-0573 Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 200...
CVE-2004-0574 The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000...
S
CVE-2004-0575 Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server...
CVE-2004-0576 The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows r...
S
CVE-2004-0577 WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote at...
CVE-2004-0578 WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote at...
CVE-2004-0579 Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as roo...
S
CVE-2004-0580 DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, ...
E
CVE-2004-0581 ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local user...
S
CVE-2004-0582 Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gai...
S
CVE-2004-0583 The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain c...
S
CVE-2004-0584 Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a "security fix," does not properly val...
S
CVE-2004-0585 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0589. Reason: This candida...
R
CVE-2004-0586 acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary code via the (1) DownLoadURL,...
CVE-2004-0587 Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause...
S
CVE-2004-0588 Cross-site scripting (XSS) vulnerability in the web mail module for Usermin 1.070 allows remote atta...
S
CVE-2004-0589 Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allo...
S
CVE-2004-0590 FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1...
S
CVE-2004-0591 Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and ear...
E S
CVE-2004-0592 The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with...
S
CVE-2004-0593 Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow...
S
CVE-2004-0594 The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditi...
CVE-2004-0595 The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) ch...
E S
CVE-2004-0596 The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 ...
S
CVE-2004-0597 Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote at...
E S
CVE-2004-0598 The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial o...
E S
CVE-2004-0599 Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in ...
E S
CVE-2004-0600 Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote at...
S
CVE-2004-0601 distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rul...
S
CVE-2004-0602 The binary compatibility mode for FreeBSD 4.x and 5.x does not properly handle certain Linux system ...
S
CVE-2004-0603 gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails inst...
S
CVE-2004-0604 The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a de...
S
CVE-2004-0605 Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier,...
S
CVE-2004-0606 Cross-site scripting (XSS) vulnerability in Infoblox DNS One running firmware 2.4.0-8 and earlier al...
CVE-2004-0607 The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL ...
S
CVE-2004-0608 The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces...
E S
CVE-2004-0609 rssh 2.0 through 2.1.x expands command line arguments before entering a chroot jail, which allows re...
S
CVE-2004-0610 The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to caus...
CVE-2004-0611 Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of s...
CVE-2004-0612 The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encryp...
CVE-2004-0613 osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary cod...
E S
CVE-2004-0614 osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which...
CVE-2004-0615 Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI...
CVE-2004-0616 The BT Voyager 2000 Wireless ADSL Router has a default public SNMP community name, which allows remo...
E S
CVE-2004-0617 Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitra...
E
CVE-2004-0618 FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an e...
E S
CVE-2004-0619 Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows loca...
S
CVE-2004-0620 Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) newthread.php in vBulletin 3.0.1...
E
CVE-2004-0621 admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_use...
E
CVE-2004-0622 Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for lo...
CVE-2004-0623 Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitr...
S
CVE-2004-0624 PHP remote file inclusion vulnerability in index.php for Artmedic links 5.0 (artmedic_links5) allows...
CVE-2004-0625 SQL injection vulnerability in Infinity WEB 1.0 allows remote attackers to bypass authentication and...
S
CVE-2004-0626 The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and...
S
CVE-2004-0627 The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to byp...
S
CVE-2004-0628 Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a...
S
CVE-2004-0629 Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and p...
S
CVE-2004-0630 The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly othe...
S
CVE-2004-0631 Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linu...
E
CVE-2004-0632 Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into compon...
CVE-2004-0633 The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of s...
S
CVE-2004-0634 The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a deni...
S
CVE-2004-0635 The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of se...
S
CVE-2004-0636 Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM)...
S
CVE-2004-0637 Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additiona...
S
CVE-2004-0638 Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9...
S
CVE-2004-0639 Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote ...
E S
CVE-2004-0640 Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtel...
S
CVE-2004-0641 Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and possibly earlier versions, generat...
CVE-2004-0642 Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distributio...
S
CVE-2004-0643 Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier m...
S
CVE-2004-0644 The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1...
S
CVE-2004-0645 Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 a...
E S
CVE-2004-0646 Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (...
S
CVE-2004-0647 shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary fi...
S
CVE-2004-0648 Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attack...
CVE-2004-0649 Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitra...
S
CVE-2004-0650 UploadServlet in Cisco Collaboration Server (CCS) running ServletExec before 3.0E allows remote atta...
S
CVE-2004-0651 Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote att...
S
CVE-2004-0652 BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4, and 8.1 through 8.1 Service...
S
CVE-2004-0653 Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5...
S
CVE-2004-0654 Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Admini...
S
CVE-2004-0655 eupdatedb in esearch 0.6.1 and earlier allows local users to create arbitrary files via a symlink at...
S
CVE-2004-0656 The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial ...
S
CVE-2004-0657 Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/...
S
CVE-2004-0658 Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IE...
CVE-2004-0659 Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to exec...
CVE-2004-0660 Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly o...
CVE-2004-0661 Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote a...
CVE-2004-0662 PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing paramet...
E
CVE-2004-0663 Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal 1.x allows remote attackers t...
CVE-2004-0664 Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote attackers to list ...
E
CVE-2004-0665 csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database par...
E
CVE-2004-0666 Off-by-one error in the POP3_readmsg function in popclient 3.0b6 allows remote attackers to cause a ...
CVE-2004-0667 Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and ...
S
CVE-2004-0668 Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a denial of service (server crash)...
E
CVE-2004-0669 Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled, allows remote authenticated users to change their q...
CVE-2004-0670 Prestige 650HW-31 running Rompager 4.7 software allows remote attackers to cause a denial of service...
CVE-2004-0671 Brightmail Spamfilter 6.0 and earlier beta releases allows remote attackers to read mail from other ...
E
CVE-2004-0672 Multiple cross-site scripting (XSS) vulnerabilities in the primary and management web interfaces in ...
E
CVE-2004-0673 Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4.9 allows remote attackers to e...
E
CVE-2004-0674 Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Rou...
CVE-2004-0675 Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) c32web.exe in Cart32 shopping cart...
E
CVE-2004-0676 Directory traversal vulnerability in Fastream NETFile FTP/Web Server 6.7.2.1085 and earlier allows r...
E S
CVE-2004-0677 Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attackers to cause a denial of serv...
CVE-2004-0678 Cross-site scripting (XSS) in one2planet.infolet.InfoServlet in 12Planet Chat Server 2.9 allows remo...
CVE-2004-0679 The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly other versions, uses a weak hashin...
S
CVE-2004-0680 Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML ma...
CVE-2004-0681 Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2...
E S
CVE-2004-0682 comersus_gatewayPayPal.asp in Comersus Cart 5.09, and possibly other versions before 5.098, allows r...
E
CVE-2004-0683 Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to cause a denial of service (CPU co...
CVE-2004-0684 WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, with the JunctionRewrite direc...
CVE-2004-0685 Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structure...
S
CVE-2004-0686 Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" optio...
S
CVE-2004-0687 Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in cre...
S
CVE-2004-0688 Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmI...
S
CVE-2004-0689 KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, wh...
S
CVE-2004-0690 The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink...
E S
CVE-2004-0691 Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allo...
S
CVE-2004-0692 The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of ser...
S
CVE-2004-0693 The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of ser...
S
CVE-2004-0694 Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash)...
CVE-2004-0695 Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attack...
CVE-2004-0696 The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrar...
CVE-2004-0697 Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini co...
CVE-2004-0698 4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink att...
CVE-2004-0699 Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive ...
S
CVE-2004-0700 Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl ...
CVE-2004-0701 Sun Ray Server Software (SRSS) 1.3 and 2.0 for Solaris 2.6, 7 and 8 does not properly detect a smart...
S
CVE-2004-0702 DBI in Bugzilla 2.17.1 through 2.17.7 displays the database password in an error message when the SQ...
S
CVE-2004-0703 Unknown vulnerability in the administrative controls in Bugzilla 2.17.1 through 2.17.7 allows users ...
S
CVE-2004-0704 Unknown vulnerability in (1) duplicates.cgi and (2) buglist.cgi in Bugzilla 2.16.x before 2.16.6, 2....
S
CVE-2004-0705 Multiple cross-site scripting (XSS) vulnerabilities in (1) editcomponents.cgi, (2) editgroups.cgi, (...
S
CVE-2004-0706 Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to...
S
CVE-2004-0707 SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18r...
S
CVE-2004-0708 MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the sa...
S
CVE-2004-0709 HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters...
S
CVE-2004-0710 IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Seri...
S
CVE-2004-0711 The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "*" a...
S
CVE-2004-0712 The configuration tools (1) config.sh in Unix or (2) config.cmd in Windows for BEA WebLogic Server 8...
S
CVE-2004-0713 The remove method in a stateful Enterprise JavaBean (EJB) in BEA WebLogic Server and WebLogic Expres...
S
CVE-2004-0714 Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited ope...
S
CVE-2004-0715 The WebLogic Authentication provider for BEA WebLogic Server and WebLogic Express 8.1 through SP2 an...
S
CVE-2004-0716 Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remo...
S
CVE-2004-0717 Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injec...
CVE-2004-0718 The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not pro...
CVE-2004-0719 Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, doe...
S
CVE-2004-0720 Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame tha...
CVE-2004-0721 Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain ...
CVE-2004-0722 Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2)...
CVE-2004-0723 Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restriction...
E
CVE-2004-0724 The Half-Life engine before July 7 2004 allows remote attackers to cause a denial of service (server...
CVE-2004-0725 Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attac...
E S
CVE-2004-0726 The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitr...
E
CVE-2004-0727 Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including ...
CVE-2004-0728 The Remote Control Client service in Microsoft's Systems Management Server (SMS) 2.50.2726.0 allows ...
CVE-2004-0729 PhpBB 2.0.8 allows remote attackers to gain sensitive information via an invalid (1) category_rows p...
CVE-2004-0730 Multiple cross-site scripting (XSS) vulnerabilities in PhpBB 2.0.8 allow remote attackers to inject ...
CVE-2004-0731 Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remot...
E
CVE-2004-0732 SQL injection vulnerability in index.php in the Search module for Php-Nuke allows remote attackers t...
E
CVE-2004-0733 Format string vulnerability in OllyDbg 1.10 allows remote attackers to cause a denial of service (cr...
E
CVE-2004-0734 Web_Store.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the ...
E
CVE-2004-0735 Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and ...
E S
CVE-2004-0736 The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**"...
CVE-2004-0737 Multiple cross-site scripting vulnerabilities in index.php in the Search module for Php-Nuke allows ...
CVE-2004-0738 Multiple SQL injection vulnerabilities in the Search module in Php-Nuke allow remote attackers to ex...
CVE-2004-0739 Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers to cause a denial of service (...
CVE-2004-0740 The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial ...
CVE-2004-0741 LionMax Software WWW File Share Pro 2.60 allows remote attackers to cause a denial of service (crash...
CVE-2004-0742 Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Cal...
S
CVE-2004-0743 Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the dat...
CVE-2004-0744 The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial ...
CVE-2004-0745 LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metac...
S
CVE-2004-0746 Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level do...
S
CVE-2004-0747 Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .hta...
S
CVE-2004-0748 mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consu...
CVE-2004-0749 The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all me...
S
CVE-2004-0750 Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts...
S
CVE-2004-0751 The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to a...
S
CVE-2004-0752 OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup,...
E S
CVE-2004-0753 The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attac...
S
CVE-2004-0754 Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possib...
S
CVE-2004-0755 The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files w...
S
CVE-2004-0756 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0757 Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox be...
S
CVE-2004-0758 Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as tha...
S
CVE-2004-0759 Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the va...
S
CVE-2004-0760 Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expecte...
S
CVE-2004-0761 Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use ce...
S
CVE-2004-0762 Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to instal...
S
CVE-2004-0763 Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites v...
S
CVE-2004-0764 Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack...
S
CVE-2004-0765 The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7...
S
CVE-2004-0766 NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid ...
CVE-2004-0767 NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid...
CVE-2004-0768 libpng 1.2.5 and earlier does not properly calculate certain buffer offsets, which could allow remot...
S
CVE-2004-0769 Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc...
E S
CVE-2004-0770 romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a sy...
CVE-2004-0771 Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbit...
S
CVE-2004-0772 Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and ea...
S
CVE-2004-0774 RealNetworks Helix Universal Server 9.0.2 for Linux and 9.0.3 for Windows allows remote attackers to...
CVE-2004-0775 Buffer overflow in WIDCOMM Bluetooth Connectivity Software, as used in products such as BTStackServe...
S
CVE-2004-0777 Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x t...
CVE-2004-0778 CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existe...
S
CVE-2004-0779 The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that c...
CVE-2004-0780 Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a ...
S
CVE-2004-0781 Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-ser...
S
CVE-2004-0782 Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2)...
S
CVE-2004-0783 Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 ...
S
CVE-2004-0784 The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary comm...
S
CVE-2004-0785 Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service an...
S
CVE-2004-0786 The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote att...
S
CVE-2004-0787 Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9....
S
CVE-2004-0788 Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 a...
S
CVE-2004-0789 Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Po...
S
CVE-2004-0790 Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset ...
CVE-2004-0791 Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (networ...
CVE-2004-0792 Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlie...
S
CVE-2004-0793 The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed ...
E S
CVE-2004-0794 Multiple signal handler race conditions in lukemftpd (aka tnftpd before 20040810) allow remote authe...
S
CVE-2004-0795 DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin admini...
S
CVE-2004-0796 SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via ce...
S
CVE-2004-0797 The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2....
CVE-2004-0798 Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows ...
E
CVE-2004-0799 The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote attackers to cause a d...
S
CVE-2004-0800 Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain pri...
S
CVE-2004-0801 Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attacker...
S
CVE-2004-0802 Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrar...
S
CVE-2004-0803 Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, re...
S
CVE-2004-0804 Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (app...
S
CVE-2004-0805 Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to exe...
S
CVE-2004-0806 cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop pri...
E S
CVE-2004-0807 Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memo...
S
CVE-2004-0808 The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons...
S
CVE-2004-0809 The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service...
E S
CVE-2004-0810 Buffer overflow in Netopia Timbuktu 7.0.3 allows remote attackers to cause a denial of service (serv...
CVE-2004-0811 Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could ...
S
CVE-2004-0812 Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectu...
S
CVE-2004-0813 Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only ac...
CVE-2004-0814 Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) loc...
S
CVE-2004-0815 The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain d...
E S
CVE-2004-0816 Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote att...
CVE-2004-0817 Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execut...
S
CVE-2004-0818 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0819 The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging fir...
S
CVE-2004-0820 Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone v...
S
CVE-2004-0821 The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, w...
S
CVE-2004-0822 Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3...
CVE-2004-0823 OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating ...
S
CVE-2004-0824 PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a syml...
S
CVE-2004-0825 QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to ...
S
CVE-2004-0826 Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attacke...
S
CVE-2004-0827 Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6...
S
CVE-2004-0828 The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop pri...
CVE-2004-0829 smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by s...
S
CVE-2004-0830 The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure ...
S
CVE-2004-0831 McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via...
S
CVE-2004-0832 The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM au...
S
CVE-2004-0833 Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configurat...
S
CVE-2004-0834 Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbi...
CVE-2004-0835 MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CR...
E S
CVE-2004-0836 Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.4...
E S
CVE-2004-0837 MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (cras...
E S
CVE-2004-0838 Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encrypt...
CVE-2004-0839 Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attack...
E S
CVE-2004-0840 The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows S...
S
CVE-2004-0841 Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events tha...
E S
CVE-2004-0842 Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause...
E S
CVE-2004-0843 Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attacke...
S
CVE-2004-0844 Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter dis...
S
CVE-2004-0845 Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attacker...
S
CVE-2004-0846 Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote att...
S
CVE-2004-0847 The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass aut...
E
CVE-2004-0848 Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link ...
S
CVE-2004-0849 Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1...
S
CVE-2004-0850 Star before 1.5_alpha46 does not drop the effective user ID (euid) before calling external programs,...
S
CVE-2004-0851 The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to ov...
S
CVE-2004-0852 Buffer overflow in htget 0.93 allows remote attackers to execute arbitrary code via a crafted URL....
S
CVE-2004-0853 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0854 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0855 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0856 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0857 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0858 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0859 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0860 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0861 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0866 Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such a...
S
CVE-2004-0867 Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such a...
CVE-2004-0868 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0866. Reason: This candida...
R
CVE-2004-0869 Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also b...
E
CVE-2004-0870 KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being...
CVE-2004-0871 Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent ...
CVE-2004-0872 Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent ov...
CVE-2004-0873 Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "l...
S
CVE-2004-0874 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-1123. Reason: This candida...
R
CVE-2004-0875 Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware (aka webdistro) 0.9.16.002 and e...
S
CVE-2004-0880 getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a sy...
CVE-2004-0881 getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to w...
CVE-2004-0882 Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote a...
S
CVE-2004-0883 Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote sa...
S
CVE-2004-0884 The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH envi...
S
CVE-2004-0885 The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in dir...
S
CVE-2004-0886 Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of ...
E S
CVE-2004-0887 SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged i...
S
CVE-2004-0888 Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, ...
S
CVE-2004-0889 Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow re...
S
CVE-2004-0890 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reasons: This candidate is a ...
R
CVE-2004-0891 Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause ...
CVE-2004-0892 Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server...
S
CVE-2004-0893 The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Win...
CVE-2004-0894 LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 do...
CVE-2004-0897 The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length ...
S
CVE-2004-0899 The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP l...
CVE-2004-0900 The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not pro...
CVE-2004-0901 Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly valid...
CVE-2004-0902 Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1...
S
CVE-2004-0903 Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before ...
CVE-2004-0904 Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla...
CVE-2004-0905 Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows ...
E S
CVE-2004-0906 The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thu...
S
CVE-2004-0907 The Linux install .tar.gz archives for Mozilla Firefox before the Preview Release, Mozilla before 1....
S
CVE-2004-0908 Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows ...
E S
CVE-2004-0909 Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may all...
E
CVE-2004-0910 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0815. Reason: This candida...
R
CVE-2004-0911 telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote ...
S
CVE-2004-0913 Unknown vulnerability in ecartis 0.x before 0.129a+1.0.0-snap20020514-1.3 and 1.x before 1.0.0+cvs.2...
S
CVE-2004-0914 Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, inc...
S
CVE-2004-0915 Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archi...
S
CVE-2004-0916 Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbi...
S
CVE-2004-0917 The default installation of Vignette Application Portal installs the diagnostic utility without auth...
E
CVE-2004-0918 The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABL...
S
CVE-2004-0919 The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via...
S
CVE-2004-0920 Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoi...
CVE-2004-0921 AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to...
S
CVE-2004-0922 AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest g...
S
CVE-2004-0923 CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, w...
S
CVE-2004-0924 NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root acc...
S
CVE-2004-0925 Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the user...
S
CVE-2004-0926 Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attac...
S
CVE-2004-0927 ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each ...
S
CVE-2004-0928 The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows r...
S
CVE-2004-0929 Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earli...
S
CVE-2004-0930 The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authentic...
E S
CVE-2004-0931 MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTT...
S
CVE-2004-0932 McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4...
E S
CVE-2004-0933 Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for t...
E S
CVE-2004-0934 Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file wi...
E S
CVE-2004-0935 Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus prote...
E S
CVE-2004-0936 RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both...
E S
CVE-2004-0937 Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, all...
E S
CVE-2004-0938 FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sendi...
S
CVE-2004-0939 changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication ...
CVE-2004-0940 Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users...
E S
CVE-2004-0941 Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote att...
S
CVE-2004-0942 Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consum...
CVE-2004-0943 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2004-0944 The web management interface for Mitel 3300 Integrated Communications Platform (ICP) before 4.2.2.11...
S
CVE-2004-0945 The web management interface for Mitel 3300 Integrated Communications Platform (ICP) before 4.2.2.11...
CVE-2004-0946 rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly per...
S
CVE-2004-0947 Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an ar...
S
CVE-2004-0948 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2004-0949 The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does n...
S
CVE-2004-0950 NetOp Host before 7.65 build 2004278 allows remote attackers to obtain sensitive hostname, username ...
S
CVE-2004-0951 The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the p...
E S
CVE-2004-0952 HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes t...
S
CVE-2004-0953 Buffer overflow in the C2S module in the open source Jabber 2.x server (Jabberd) allows remote attac...
E S
CVE-2004-0954 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0597. Reason: This candida...
R
CVE-2004-0955 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0599. Reason: This candida...
R
CVE-2004-0956 MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a M...
S
CVE-2004-0957 Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database ...
CVE-2004-0958 php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1...
S
CVE-2004-0959 rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP sc...
S
CVE-2004-0960 FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malform...
S
CVE-2004-0961 Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory ...
S
CVE-2004-0962 Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple ...
CVE-2004-0963 Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remot...
CVE-2004-0964 Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attacker...
E S
CVE-2004-0965 stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain c...
S
CVE-2004-0966 The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as ...
S
CVE-2004-0967 The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) p...
S
CVE-2004-0968 The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink ...
S
CVE-2004-0969 The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5...
S
CVE-2004-0970 The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such a...
S
CVE-2004-0971 The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and...
S
CVE-2004-0972 The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly...
S
CVE-2004-0973 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0457. Reason: This candida...
R
CVE-2004-0974 The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, ...
S
CVE-2004-0975 The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operati...
S
CVE-2004-0976 Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating sys...
S
CVE-2004-0977 The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files...
S
CVE-2004-0978 Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01...
S
CVE-2004-0979 Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files"...
CVE-2004-0980 Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running i...
S
CVE-2004-0981 Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to e...
CVE-2004-0982 Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r coul...
S
CVE-2004-0983 The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a de...
S
CVE-2004-0984 Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux ...
CVE-2004-0985 Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demons...
CVE-2004-0986 Iptables before 1.2.11, under certain conditions, does not properly load the required modules at sys...
S
CVE-2004-0987 Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute...
S
CVE-2004-0988 Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote att...
CVE-2004-0989 Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may al...
E S
CVE-2004-0990 Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows r...
S
CVE-2004-0991 Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via fram...
S
CVE-2004-0992 Format string vulnerability in the -a option (daemon mode) in Proxytunnel before 1.2.3 allows remote...
S
CVE-2004-0993 Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (applicat...
S
CVE-2004-0994 Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code ...
CVE-2004-0995 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-0996 main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows loca...
E S
CVE-2004-0997 Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows ...
S
CVE-2004-0998 Format string vulnerability in telnetd-ssl 0.17 and earlier allows remote attackers to execute arbit...
S
CVE-2004-0999 zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation f...
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.