CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2004 (CVSS score >= 6)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
701 CVE-2004-0591 XSS 2004-08-06 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/delivery-status" MIME Content-Type.
702 CVE-2004-0590 2004-12-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.
703 CVE-2004-0588 XSS 2004-08-06 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in the web mail module for Usermin 1.070 allows remote attackers to insert arbitrary HTML and script via e-mail messages.
704 CVE-2004-0586 Exec Code 2004-08-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary code via the (1) DownLoadURL, (2) SaveFilePath, and (3) Download ActiveX methods.
705 CVE-2004-0584 XSS 2004-08-06 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a "security fix," does not properly validate input, which allows remote attackers to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross-site scripting (XSS) vulnerability.
706 CVE-2004-0579 Exec Code 2004-08-06 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
707 CVE-2004-0575 Exec Code Overflow 2004-11-03 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation.
708 CVE-2004-0574 787 Exec Code Overflow 2004-11-03 2020-04-09
10.0
None Remote Low Not required Complete Complete Complete
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
709 CVE-2004-0573 Exec Code Overflow 2004-09-28 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.
710 CVE-2004-0572 Exec Code Overflow 2004-11-03 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not properly handled when the shell capability launches grpconv.exe.
711 CVE-2004-0569 DoS 2004-11-03 2018-10-12
7.5
None Remote Low Not required Partial Partial Partial
The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values.
712 CVE-2004-0567 DoS Exec Code Overflow 2004-12-31 2019-04-30
7.5
None Remote Low Not required Partial Partial Partial
The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability."
713 CVE-2004-0566 Exec Code Overflow 2004-07-27 2021-07-23
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value.
714 CVE-2004-0561 DoS Exec Code 2004-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
715 CVE-2004-0560 DoS Exec Code Overflow 2004-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted content of a certain size that triggers the overflow.
716 CVE-2004-0557 Exec Code Overflow 2004-08-06 2017-10-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
717 CVE-2004-0555 Exec Code Overflow 2004-12-31 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code.
718 CVE-2004-0552 Exec Code Bypass 2004-11-03 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.
719 CVE-2004-0550 Exec Code Overflow 2004-08-06 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters.
720 CVE-2004-0549 Exec Code 2004-08-06 2021-07-23
10.0
None Remote Low Not required Complete Complete Complete
The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript, as demonstrated using (1) delayed HTTP redirect operations, and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or (2) modifying the location attribute of the window, as exploited by the Download.ject (aka Scob aka Toofer) using the ADODB.Stream object.
721 CVE-2004-0548 Exec Code Overflow 2004-08-06 2016-11-28
7.2
None Local Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option.
722 CVE-2004-0545 2004-08-06 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack.
723 CVE-2004-0544 Overflow +Priv 2004-08-06 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
724 CVE-2004-0543 Sql 2004-08-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries.
725 CVE-2004-0542 Exec Code 2004-08-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via (1) the "%", "|", or ">" characters to the escapeshellcmd function, or (2) the "%" character to the escapeshellarg function.
726 CVE-2004-0541 Exec Code Overflow 2004-08-06 2018-05-03
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).
727 CVE-2004-0540 2004-08-06 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain.
728 CVE-2004-0539 Exec Code 2004-08-06 2017-10-12
10.0
None Remote Low Not required Complete Complete Complete
The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code.
729 CVE-2004-0538 Exec Code 2004-08-06 2017-10-12
7.5
None Remote Low Not required Partial Partial Partial
LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user.
730 CVE-2004-0536 +Priv 2004-08-06 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report.
731 CVE-2004-0530 Exec Code 2004-08-06 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path.
732 CVE-2004-0529 +Priv 2004-08-06 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
733 CVE-2004-0524 Overflow +Priv 2004-08-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.
734 CVE-2004-0523 Exec Code Overflow 2004-08-18 2020-01-21
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
735 CVE-2004-0522 Bypass 2004-08-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.
736 CVE-2004-0521 Sql 2004-08-18 2017-10-11
10.0
None Remote Low Not required Complete Complete Complete
SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
737 CVE-2004-0520 XSS 2004-08-18 2017-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
738 CVE-2004-0519 XSS 2004-08-18 2017-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
739 CVE-2004-0518 2004-08-18 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors.
740 CVE-2004-0514 2004-08-18 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups."
741 CVE-2004-0513 2004-08-18 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls."
742 CVE-2004-0510 Exec Code Overflow 2004-12-23 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.
743 CVE-2004-0507 DoS Exec Code Overflow 2004-08-18 2017-10-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
744 CVE-2004-0500 DoS Exec Code Overflow 2004-09-28 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
745 CVE-2004-0496 +Priv 2004-12-06 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
746 CVE-2004-0495 +Priv 2004-08-06 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
747 CVE-2004-0494 2004-11-23 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.
748 CVE-2004-0493 DoS Overflow 2004-08-06 2021-06-06
6.4
None Remote Low Not required None Partial Partial
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
749 CVE-2004-0492 DoS Exec Code Overflow 2004-08-06 2021-06-06
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
750 CVE-2004-0490 Exec Code 2004-08-18 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
Total number of vulnerabilities : 1077   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 (This Page)16 17 18 19 20 21 22
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.